How severe is CVE-2018-3979?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2018-3979?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2018-3979

HIGH Year: 2018

CVSS v3 Score

7.4

High

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-400

View all →

Vulnerability Description

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).

CVE-2018-0441

HIGH

CVSS:7.4(High)

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a...

CWE-4002018

CVE-2018-0471

HIGH

CVSS:7.4(High)

A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead ...

CWE-4002018

CVE-2019-0031

HIGH

CVSS:7.4(High)

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. On...

CWE-4002019

CVE-2019-11060

HIGH

CVSS:7.4(High)

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very s...

CWE-4002019

CVE-2019-15264

HIGH

CVSS:7.4(High)

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjace...

CWE-4002019

CVE-2019-1696

HIGH

CVSS:7.4(High)

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote a...

CWE-4002019

CVE-2018-3979

Vulnerability Description

Related Vulnerabilities

CVE-2018-0441

CVE-2018-0471

CVE-2019-0031

CVE-2019-11060

CVE-2019-15264

CVE-2019-1696