Buffer overflow in Block IO Tracing - CVE-2018-10689
Published: November 23, 2019
Vulnerability identifier: #VU22938
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-10689
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Jens Axboe
Affected software:
Block IO Tracing
Block IO Tracing
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_read() function in btt/devmap.c in blktrace. A local user can create a specially crafted file, pass it to he application that is using the vulnerable component (e.g. btt program), trigger memory corruption and execute arbitrary code with elevated privileges.
How to mitigate CVE-2018-10689
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Sources
- http://git.kernel.dk/?p=blktrace.git;a=log;h=d61ff409cb4dda31386373d706ea0cfb1aaac5b7
- https://access.redhat.com/errata/RHSA-2019:2162
- https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7
- https://www.spinics.net/lists/linux-btrace/msg00847.html