CVE-2018-20699: Uncontrolled Resource Consumption in Docker Engine

Severity: 4.9 MEDIUM (NVD)
EPSS: 0.1% (top 77.12%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jan 12
Latest update: May 14

Description

Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.2 | Impact: 3.6

Affected Packages: 2 packages

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-m9q8-9m2h-84gh: Docker Engine before 18 (2022-05-14)
CVEList
CVE-2018-20699: Docker Engine before 18 (2019-01-12)
OSV
CVE-2018-20699: Docker Engine before 18 (2019-01-12)

📋 Vendor Advisories (2)

Red Hat
docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus (2018-10-04)
Debian
CVE-2018-20699: docker.io - Docker Engine before 18.09 allows attackers to cause a denial of service (docker... (2018)

💬 Community (5)

Bugzilla
CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus [fedora-all] (2019-01-19)
Bugzilla
CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus (2019-01-16)
Bugzilla
CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus [fedora-all] (2019-01-16)
Bugzilla
CVE-2018-20699 docker:2017.0/docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus [fedora-all] (2019-01-16)
Bugzilla
CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus [epel-6] (2019-01-16)
CVE-2018-20699 — Uncontrolled Resource Consumption | cvebase