Integer overflow in Linux kernel

#VU19997 Integer overflow in Linux kernel

Published: 2019-08-08

Vulnerability identifier: #VU19997

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13053

CWE-ID: CWE-190

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in kernel/time/alarmtimer.c within the alarm_timer_nsleep function. A local user can trigger integer overflow due to ktime_add_safe is not used and escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.17.1 - 4.17.3

External links
http://www.securityfocus.com/bid/104671
http://access.redhat.com/errata/RHSA-2019:0831
http://bugzilla.kernel.org/show_bug.cgi?id=200303
http://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
http://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
http://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
http://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
http://usn.ubuntu.com/3821-1/
http://usn.ubuntu.com/3821-2/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat update for kernel

Red Hat update for kernel-rt

Red Hat update for tomcat

Red Hat update for kernel-alt

OpenSUSE Linux update for the Linux Kernel