Lucene search

K
cvelistRedhatCVELIST:CVE-2018-16862
HistoryNov 26, 2018 - 7:00 p.m.

CVE-2018-16862

2018-11-2619:00:00
CWE-200
redhat
www.cve.org
3

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

26.5%

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

CNA Affected

[
  {
    "product": "kernel:",
    "vendor": "[UNKNOWN]",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

26.5%