From 9c84a9e01ccdc96819d6b0505c675cf724bf94f5 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 25 Sep 2018 17:07:11 -0400 Subject: [PATCH] - Synchronized data. --- 2018/11xxx/CVE-2018-11763.json | 4 +- 2018/14xxx/CVE-2018-14634.json | 145 +++++++++++++++++---------------- 2 files changed, 77 insertions(+), 72 deletions(-) diff --git a/2018/11xxx/CVE-2018-11763.json b/2018/11xxx/CVE-2018-11763.json index 05323838854..7dc78126507 100644 --- a/2018/11xxx/CVE-2018-11763.json +++ b/2018/11xxx/CVE-2018-11763.json @@ -35,7 +35,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "By sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol." + "value" : "In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol." } ] }, @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://httpd.apache.org/security/vulnerabilities_24.html", + "refsource" : "CONFIRM", "url" : "https://httpd.apache.org/security/vulnerabilities_24.html" } ] diff --git a/2018/14xxx/CVE-2018-14634.json b/2018/14xxx/CVE-2018-14634.json index ad081a3fd20..96a42e74053 100644 --- a/2018/14xxx/CVE-2018-14634.json +++ b/2018/14xxx/CVE-2018-14634.json @@ -1,74 +1,77 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2018-14634", - "ASSIGNER": "psampaio@redhat.com" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "The Linux Foundation", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "2.6.x, 3.10.x, 4.14.x" - } - ] - } - } - ] - } - } + "CVE_data_meta" : { + "ASSIGNER" : "psampaio@redhat.com", + "ID" : "CVE-2018-14634", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "kernel", + "version" : { + "version_data" : [ + { + "version_value" : "2.6.x, 3.10.x, 4.14.x" + } + ] + } + } + ] + }, + "vendor_name" : "The Linux Foundation" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "7.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-190" + } ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-190" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.openwall.com/lists/oss-security/2018/09/25/4" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634", - "refsource": "CONFIRM" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable." - } - ] - }, - "impact": { - "cvss": [ - [ - { - "vectorString": "7.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" - } - ] - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "[oss-security] 20180925 Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)", + "refsource" : "MLIST", + "url" : "https://www.openwall.com/lists/oss-security/2018/09/25/4" + }, + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634" + } + ] + } }