← back
CVE-2018-5333

CVE-2018-5333

EPSS 7.7%
Vexday Risk Score
38Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 7.7%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
11 Jan 2018Published on NVD
01 Nov 2018Metasploit module available
23 Jan 2020Public PoC
Weaponization speed
742 daysto first PoC
294 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.