Showing 1 - 12 of 12

CVE-2018-1000199

Status Candidate

Overview

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

Related Files

Red Hat Security Advisory 2018-1374-01: Posted May 15, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1374-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service and remote file inclusion vulnerabilities.; tags | advisory, remote, denial of service, kernel, vulnerability, file inclusion; systems | linux, redhat; advisories | CVE-2018-1000199; SHA-256 | 2f31ed48f61739be5e9d210aca175fb0edb7325afed23ec43f9eba4309a8268f; Download | Favorite | View

Ubuntu Security Notice USN-3641-2: Posted May 8, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3641-2 - USN-3641-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.10. This update provides the corresponding updates for Ubuntu 12.04 ESM. Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service. This issue only affected the amd64 architecture. Various other issues were also addressed.; tags | advisory, denial of service, kernel, local, vulnerability; systems | linux, ubuntu; advisories | CVE-2018-1000199, CVE-2018-1087, CVE-2018-8897; SHA-256 | 8b62cd3908a2ea60933e4f5060c4a7cffa0119feb5c2296cf0f5d7231274b888; Download | Favorite | View

Ubuntu Security Notice USN-3641-1: Posted May 8, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3641-1 - Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service. This issue only affected the amd64 architecture. Andy Lutomirski discovered that the KVM subsystem of the Linux kernel did not properly emulate the ICEBP instruction following a MOV/POP to SS instruction. A local attacker in a KVM virtual machine could use this to cause a denial of service or possibly escalate privileges inside of the virtual machine. This issue only affected the i386 and amd64 architectures. Various other issues were also addressed.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2018-1000199, CVE-2018-1087, CVE-2018-8897; SHA-256 | 54c635a827000ad1e9720e3b153dc5b8af85ba11bc41d5f1f952f2e981d32393; Download | Favorite | View

Red Hat Security Advisory 2018-1354-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1354-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, kernel; systems | linux, redhat; advisories | CVE-2018-1000199, CVE-2018-8897; SHA-256 | 07cf2a8a33944e25e41319038ec30d5b0e2287a5b973c6e77a3571ff6f0c29ac; Download | Favorite | View

Red Hat Security Advisory 2018-1355-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1355-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and use-after-free vulnerabilities.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2017-16939, CVE-2018-1000199, CVE-2018-1068, CVE-2018-1087, CVE-2018-8897; SHA-256 | 4447e6e273f5b0f0d5eb8a44bada9595ed1bf052db276cd1a4d04938e84a19fc; Download | Favorite | View

Red Hat Security Advisory 2018-1348-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1348-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, kernel; systems | linux, redhat; advisories | CVE-2018-1000199, CVE-2018-1087, CVE-2018-8897; SHA-256 | 77e14f8e97722364a934d0e7a3d7fefdf5f0cbf6c8b69da99369eb567ee670ad; Download | Favorite | View

Red Hat Security Advisory 2018-1347-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1347-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, kernel; systems | linux, redhat; advisories | CVE-2018-1000199, CVE-2018-1087, CVE-2018-8897; SHA-256 | 64f3efd7e77588737cd63b6560896e2387734dbeceeab16e9ea654dd6a99b86e; Download | Favorite | View

Red Hat Security Advisory 2018-1345-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1345-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, kernel; systems | linux, redhat; advisories | CVE-2018-1000199, CVE-2018-1087, CVE-2018-8897; SHA-256 | ec6a1a88ee637d3c9343ff659da54d46ac857b9268235cba505aa87bfc6a8343; Download | Favorite | View

Red Hat Security Advisory 2018-1318-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1318-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2017-16939, CVE-2018-1000199, CVE-2018-1068, CVE-2018-1087, CVE-2018-1091, CVE-2018-8897; SHA-256 | cbd3c6c3e9147b3d4a53a27345de22613a5693b4808c489836579c84720b9def; Download | Favorite | View

Kernel Live Patch Security Notice LSN-0037-1: Posted May 7, 2018; Authored by Benjamin M. Romer; Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux; advisories | CVE-2017-0861, CVE-2017-15129, CVE-2017-16995, CVE-2017-17448, CVE-2017-17450, CVE-2018-1000199, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043; SHA-256 | 39ead24f1d46a53a4118ca65333192e8b23de00376f175ad713483a533c61a56; Download | Favorite | View