Risk | Low |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2018-11508 CVE-2018-11506 CVE-2018-11412 |
CWE-ID | CWE-200 CWE-121 CWE-119 |
Exploitation vector | Local |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU13069
Risk: Low
CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-11508
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in the compat_get_timex function, as defined in the kernel/compat.c source code file due to an uninitialized struct field in compat adjtimex system calls. A local attacker can send a compat adjtimex system call that submits malicious input and access sensitive kernel memory content, which could be used to conduct further attacks.
MitigationUpdate to version 4.16.9.
Linux kernel: 4.16 - 4.16.8
External linkshttp://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d...
http://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU13070
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11506
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The vulnerability exists in the sr_do_ioctl function, as defined in the drivers/scsi/sr_ioctl.c source code file due to differing buffer sizes in the CDROM layer and the SCSI layer. A local attacker can submit specially crafted input, trigger a stack-based overflow and cause the system to crash.
MitigationInstall update from vendor's website.
Linux kernel: 4.16.1 - 4.16.12
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13071
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11412
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges or cause DoS condition on the target system.
The vulnerability exists due to improper memory operations performed by the ext4_read_inline_data() function, as defined in the fs/ext4/inline.c source code file. A local attacker can mount a customized ext4 filesystem that stores the system.data extended attribute value in a dedicated inode, supply malicious input containing an untrusted length value, trigger memory corruption and gain elevated privileges or cause a DoS condition.
MitigationInstall update from vendor's website.
Linux kernel: 4.13 - 4.16.11
External linkshttp://bugzilla.kernel.org/show_bug.cgi?id=199803
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.