CVE-2018-14775

Name: CVE-2018-14775
Creator: NVD / NIST
Published: 2018-08-01T06:29:00.633+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.34%

Last modified Jun 17, 2026

CVE-2018-14775 is a vulnerability of currently unknown severity. tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.

Description

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.

Metrics

EPSS Probability

0.34%

26.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Openbsd	Openbsd	6.2
Openbsd	Openbsd	6.3

References

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.cIssue Tracking, Patch, Vendor Advisory
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=hPatch, Vendor Advisory
http://www.securitytracker.com/id/1041550Third Party Advisory, VDB Entry
https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sigPatch, Vendor Advisory
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sigPatch, Vendor Advisory
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.cIssue Tracking, Patch, Vendor Advisory
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=hPatch, Vendor Advisory
http://www.securitytracker.com/id/1041550Third Party Advisory, VDB Entry
https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sigPatch, Vendor Advisory
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sigPatch, Vendor Advisory

Timeline

Published: Aug 1, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-14775?

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.

How severe is CVE-2018-14775?

Severity scoring for CVE-2018-14775 is pending analysis. The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.

How do I fix CVE-2018-14775?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-14775?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST