CVE-2018-6925

{"id": "CVE-2018-6925", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2018-09-28T13:29:01.033", "references": [{"url": "https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc", "tags": ["Patch", "Vendor Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-21.html", "source": "secteam@freebsd.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash."}, {"lang": "es", "value": "En FreeBSD en versiones anteriores a la 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985) y 10.4-RELEASE-p13, debido al mantenimiento indebido de las etiquetas de bloques de control del protocolo IPv6 mediante varias rutas de error, un usuario local autenticado sin privilegios podr\u00eda provocar una desreferencia de puntero NULL que haga que el kernel se cierre inesperadamente."}], "lastModified": "2018-11-30T21:34:47.250", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7354D16-6431-43C2-97BA-EBBF482572C9", "versionEndExcluding": "11.2"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86FDD601-4F89-4CA3-BE1A-54EA02DAC008"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:p15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17D3DDDC-07B4-43ED-8E0B-FF2D293B0EE1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0"}], "operator": "OR"}]}], "sourceIdentifier": "secteam@freebsd.org"}