Lucene search

K

[email protected]NVD:CVE-2018-18397

HistoryDec 12, 2018 - 10:29 a.m.

CVE-2018-18397

2018-12-1210:29:00

CWE-863

[email protected]

web.nvd.nist.gov

1

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Affected configurations

NVD

Node

linuxlinux_kernelRange<4.19.7

Node

redhatopenshift_container_platformMatch3.11

OR

redhatvirtualization_hostMatch4.0

OR

redhatenterprise_linux_desktopMatch7.0

OR

redhatenterprise_linux_serverMatch7.0

OR

redhatenterprise_linux_server_ausMatch7.4

OR

redhatenterprise_linux_server_ausMatch7.6

OR

redhatenterprise_linux_server_eusMatch7.4

OR

redhatenterprise_linux_server_eusMatch7.5

OR

redhatenterprise_linux_server_eusMatch7.6

OR

redhatenterprise_linux_server_tusMatch7.4

OR

redhatenterprise_linux_server_tusMatch7.6

OR

redhatenterprise_linux_workstationMatch7.0

Node

canonicalubuntu_linuxMatch14.04lts

OR

canonicalubuntu_linuxMatch16.04lts

OR

canonicalubuntu_linuxMatch18.04lts

OR

canonicalubuntu_linuxMatch18.10

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29ec90660d68bbdd69507c1c8b4e33aa299278b1

access.redhat.com/errata/RHBA-2019:0327

access.redhat.com/errata/RHSA-2019:0163

access.redhat.com/errata/RHSA-2019:0202

access.redhat.com/errata/RHSA-2019:0324

access.redhat.com/errata/RHSA-2019:0831

bugs.chromium.org/p/project-zero/issues/detail?id=1700

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87

cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.7

github.com/torvalds/linux/commit/29ec90660d68bbdd69507c1c8b4e33aa299278b1

usn.ubuntu.com/3901-1/

usn.ubuntu.com/3901-2/

usn.ubuntu.com/3903-1/

usn.ubuntu.com/3903-2/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

Related for NVD:CVE-2018-18397