#VU10922 Memory corruption in Linux kernel - CVE-2018-7740
Published: March 12, 2018 / Updated: March 20, 2018
Vulnerability identifier: #VU10922
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2018-7740
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local attacker to cause DoS condition no the target system.
The weakness exists in the resv_map_release function due to boundary error when handling user-supplied input. A local attacker can execute an application that submits malicious input, trigger memory corruption and cause the system to crash.
The weakness exists in the resv_map_release function due to boundary error when handling user-supplied input. A local attacker can execute an application that submits malicious input, trigger memory corruption and cause the system to crash.
Remediation
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.