CVE-2018-10872 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-10872 Interim 1 24 2025-02-17T02:49:19Z current 2021-05-30T14:12:59Z 2025-02-17T02:49:19Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-10872 A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Development Tools 15 kernel-default kernel-default-base kernel-default-devel kernel-default-extra kernel-default-man kernel-devel kernel-macros kernel-source kernel-default as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-default-devel as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-default-extra as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-devel as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-macros as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-source as a component of SUSE Linux Enterprise Desktop 12 SP3 kernel-default as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-default-base as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-default-devel as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-default-man as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-devel as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-macros as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-source as a component of SUSE Linux Enterprise Module for Basesystem 15 kernel-default as a component of SUSE Linux Enterprise Module for Development Tools 15 kernel-source as a component of SUSE Linux Enterprise Module for Development Tools 15 kernel-default as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata kernel-source as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata kernel-default as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata kernel-source as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata kernel-default as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-base as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-devel as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default-man as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-source as a component of SUSE Linux Enterprise Server 11 SP4-LTSS kernel-default as a component of SUSE Linux Enterprise Server 12 SP3 kernel-default-base as a component of SUSE Linux Enterprise Server 12 SP3 kernel-default-devel as a component of SUSE Linux Enterprise Server 12 SP3 kernel-default-man as a component of SUSE Linux Enterprise Server 12 SP3 kernel-devel as a component of SUSE Linux Enterprise Server 12 SP3 kernel-macros as a component of SUSE Linux Enterprise Server 12 SP3 kernel-source as a component of SUSE Linux Enterprise Server 12 SP3 A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE. CVE-2018-10872 SUSE Linux Enterprise Desktop 12 SP3:kernel-default SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra SUSE Linux Enterprise Desktop 12 SP3:kernel-devel SUSE Linux Enterprise Desktop 12 SP3:kernel-macros SUSE Linux Enterprise Desktop 12 SP3:kernel-source SUSE Linux Enterprise Module for Basesystem 15:kernel-default SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man SUSE Linux Enterprise Module for Basesystem 15:kernel-devel SUSE Linux Enterprise Module for Basesystem 15:kernel-macros SUSE Linux Enterprise Module for Basesystem 15:kernel-source SUSE Linux Enterprise Module for Development Tools 15:kernel-default SUSE Linux Enterprise Module for Development Tools 15:kernel-source SUSE Linux Enterprise Server 11 SP1 for Teradata:kernel-default SUSE Linux Enterprise Server 11 SP1 for Teradata:kernel-source SUSE Linux Enterprise Server 11 SP3 for Teradata:kernel-default SUSE Linux Enterprise Server 11 SP3 for Teradata:kernel-source SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source SUSE Linux Enterprise Server 12 SP3:kernel-default SUSE Linux Enterprise Server 12 SP3:kernel-default-base SUSE Linux Enterprise Server 12 SP3:kernel-default-devel SUSE Linux Enterprise Server 12 SP3:kernel-default-man SUSE Linux Enterprise Server 12 SP3:kernel-devel SUSE Linux Enterprise Server 12 SP3:kernel-macros SUSE Linux Enterprise Server 12 SP3:kernel-source moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H