CVE-2018-1000204

2018-06-11T08:19:19
ID RH:CVE-2018-1000204
Type redhatcve
Reporter redhat.com
Modified 2021-03-18T17:25:35

Description

A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files.