{
  "threat_severity" : "Low",
  "public_date" : "2018-10-04T00:00:00Z",
  "bugzilla" : {
    "description" : "docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus",
    "id" : "1666565",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1666565"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-400",
  "details" : [ "Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go." ],
  "statement" : "This issue affects the versions of docker as shipped with Red Hat Enterprise Linux 7, however if docker is accessible only by root or highly privileged users, as it is by default, a low-privileged attacker will not be able to trigger the flaw.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7 Extras",
    "release_date" : "2019-03-13T00:00:00Z",
    "advisory" : "RHSA-2019:0487",
    "cpe" : "cpe:/a:redhat:rhel_extras_other:7",
    "package" : "docker-2:1.13.1-94.gitb2f74b2.el7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-20699\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-20699" ],
  "name" : "CVE-2018-20699",
  "csaw" : false
}