CVE-2018-1000026
HIGH7.7EPSS 0.86%linux-4.9 - security update
Published: 2/9/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2018-1000026
Description
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
Affected packages (2)
- Debian/linuxfrom 0, < 4.16.5-1
- Debian/linux-4.9from 0, < 4.9.168-1~deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.7 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |