Lucene search

K
ubuntucveUbuntu.comUB:CVE-2018-20669
HistoryMar 21, 2019 - 12:00 a.m.

CVE-2018-20669

2019-03-2100:00:00
ubuntu.com
ubuntu.com
21

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

An issue where a provided address with access_ok() is not checked was
discovered in i915_gem_execbuffer2_ioctl in
drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through
4.19.13. A local attacker can craft a malicious IOCTL function call to
overwrite arbitrary kernel memory, resulting in a Denial of Service or
privilege escalation.

Notes

Author Note
tyhicks Only the i915_gem_execbuffer2_ioctl() changes are technically needed for this CVE. It would be ideal to audit the callers of the other changed functions in the fix commit. This CVE is being disputed. See the oss-security emails on 2019-02-07 for details.
sbeattie while this specific ioctl may or may not be vulnerable, the fix is generic aenough to possibly block other vulnerabilities.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-115.116UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1080.84UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1080.84~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu14.04noarchlinux-azure< 4.15.0-1093.103~14.04.1UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1093.103~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-4.15< 4.15.0-1093.103UNKNOWN
ubuntu18.04noarchlinux-azure-edge< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu18.04noarchlinux-gcp< 5.0.0-1020.20~18.04.1UNKNOWN
ubuntu16.04noarchlinux-gcp< 4.15.0-1081.92~16.04.1UNKNOWN
Rows per page:
1-10 of 221

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%