CVE-2018-14775
MEDIUMOpenBSD 6.2-6.3 - Local Denial of Service via I/O Port Access Control
Title source: llmDescription
tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.
References (5)
Core 5
Core References
Patch, Vendor Advisory x_refsource_misc
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=h
Patch, Vendor Advisory x_refsource_misc
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sig
Patch, Vendor Advisory x_refsource_misc
https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sig
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041550
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
14.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
openbsd/openbsd
6.2
openbsd/openbsd
6.3
Published
Aug 01, 2018
Tracked Since
Feb 18, 2026