Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2018-18397
HistoryDec 12, 2018 - 10:29 a.m.

CVE-2018-18397

2018-12-1210:29:00
Google
osv.dev
5

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.2%

JSON

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Related

nessus 24
redhat 4
zdt 1
exploitpack 1
ubuntucve 1
exploitdb 1
packetstorm 1
prion 1
cve 1
redhatcve 1
f5 1
cvelist 1
veracode 1
nvd 1
virtuozzo 1
debiancve 1
centos 1
oraclelinux 3
openvas 15
ubuntu 4
cloudfoundry 1
mageia 3
suse 1
androidsecurity 1
nessus
nessus
RHEL 7 : kernel (RHSA-2019:0324)
2019-02-13 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2019-006)
2020-02-04 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (K83102920)
2021-07-08 00:00:00
redhat
redhat
(RHSA-2019:0202) Moderate: kernel security and bug fix update
2019-01-29 15:25:03
(RHSA-2019:0324) Moderate: kernel security and bug fix update
2019-02-12 14:40:03
(RHSA-2019:0163) Important: kernel security, bug fix, and enhancement update
2019-01-29 15:21:23
zdt
zdt
Linux - userfaultfd Bypasses tmpfs File Permissions Exploit
2018-12-13 00:00:00
exploitpack
exploitpack
Linux - userfaultfd Bypasses tmpfs File Permissions
2018-12-13 00:00:00
ubuntucve
ubuntucve
CVE-2018-18397
2018-12-12 00:00:00
exploitdb
exploitdb
Linux - 'userfaultfd' Bypasses tmpfs File Permissions
2018-12-13 00:00:00
packetstorm
packetstorm
Linux userfaultfd tmpfs File Permission Bypass
2018-12-12 00:00:00
prion
prion
Design/Logic Flaw
2018-12-12 10:29:00
cve
cve
CVE-2018-18397
2018-12-12 10:29:00
redhatcve
redhatcve
CVE-2018-18397
2020-04-07 04:50:11
f5
f5
K83102920 : Linux kernel vulnerability CVE-2018-18397
2020-12-08 00:00:00
cvelist
cvelist
CVE-2018-18397
2018-12-12 07:00:00
veracode
veracode
Authorization Bypass
2019-05-16 03:38:22
nvd
nvd
CVE-2018-18397
2018-12-12 10:29:00
virtuozzo
virtuozzo
Kernel security update: Virtuozzo ReadyKernel patch 71.0 for Virtuozzo 7.0.6 to 7.0.8 HF1 and Virtuozzo Infrastructure Platform 2.5
2019-02-07 00:00:00
debiancve
debiancve
CVE-2018-18397
2018-12-12 10:29:00
centos
centos
bpftool, kernel, perf, python security update
2019-02-01 23:12:39
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-01-31 00:00:00
kernel security, bug fix, and enhancement update
2019-01-29 00:00:00
Unbreakable Enterprise kernel security update
2019-02-12 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2019:0163 centos7
2019-02-02 00:00:00
Ubuntu: Security Advisory (USN-3901-2)
2019-03-06 00:00:00
Ubuntu: Security Advisory (USN-3903-2)
2019-03-07 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerabilities
2019-03-05 00:00:00
Linux kernel (HWE) vulnerabilities
2019-03-06 00:00:00
Linux kernel vulnerabilities
2019-03-05 00:00:00
cloudfoundry
cloudfoundry
USN-3901-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
2019-03-21 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2018-12-22 00:28:39
Updated kernel-linus packages fix security vulnerabilities
2019-02-21 02:50:36
Updated kernel-tmb packages fixes security vulnerabilities
2019-05-16 11:25:22
suse
suse
Security update for the Linux Kernel (important)
2019-01-18 00:00:00
androidsecurity
androidsecurity
Pixel Update Bulletin—September 2019
2019-09-03 00:00:00

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.2%

JSON
Related for OSV:CVE-2018-18397
nessus24redhat4zdt1exploitpack1ubuntucve1exploitdb1packetstorm1prion1cve1redhatcve1f51cvelist1veracode1nvd1virtuozzo1debiancve1centos1oraclelinux3openvas15ubuntu4cloudfoundry1mageia3suse1androidsecurity1