vulnerability
Ubuntu: (Multiple Advisories) (CVE-2018-1066): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Mar 2, 2018 | Feb 9, 2019 | Aug 18, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Mar 2, 2018
Added
Feb 9, 2019
Modified
Aug 18, 2025
Description
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.
Solutions
ubuntu-upgrade-linux-image-3-13-0-165-genericubuntu-upgrade-linux-image-3-13-0-165-generic-lpaeubuntu-upgrade-linux-image-3-13-0-165-lowlatencyubuntu-upgrade-linux-image-3-13-0-165-powerpc-e500ubuntu-upgrade-linux-image-3-13-0-165-powerpc-e500mcubuntu-upgrade-linux-image-3-13-0-165-powerpc-smpubuntu-upgrade-linux-image-3-13-0-165-powerpc64-embubuntu-upgrade-linux-image-3-13-0-165-powerpc64-smpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-lts-trustyubuntu-upgrade-linux-image-generic-lts-trustyubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-powerpc-e500ubuntu-upgrade-linux-image-powerpc-e500mcubuntu-upgrade-linux-image-powerpc-smpubuntu-upgrade-linux-image-powerpc64-embubuntu-upgrade-linux-image-powerpc64-smp
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.