exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2018-18397

Status Candidate

Overview

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Related Files

Ubuntu Security Notice USN-3903-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3903-2 - USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-16880, CVE-2018-18397, CVE-2019-6133
MD5 | 5e5d9cbb5878ed83496a64b72a97df4f
Ubuntu Security Notice USN-3903-1
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3903-1 - Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service or possibly execute arbitrary code in the host kernel. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-16880, CVE-2018-18397, CVE-2019-6133
MD5 | 1bae64cc96939b5670016270682ddee8
Ubuntu Security Notice USN-3901-2
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3901-2 - USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18397, CVE-2018-19854, CVE-2019-6133
MD5 | b16c27e4df4131e0ce265e946b97e632
Ubuntu Security Notice USN-3901-1
Posted Mar 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3901-1 - Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, crypto
systems | linux, ubuntu
advisories | CVE-2018-18397, CVE-2018-19854, CVE-2019-6133
MD5 | 6ab9958194be37f509bff70f83a95612
Red Hat Security Advisory 2019-0324-01
Posted Feb 12, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0324-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-18397
MD5 | 1a59c85baccb480e7ff45c4e92cbdc7f
Red Hat Security Advisory 2019-0163-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0163-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-18397, CVE-2018-18559
MD5 | 9a235254df1243e6a599bdccebddd2df
Red Hat Security Advisory 2019-0202-01
Posted Jan 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-18397
MD5 | 1ba0124bbfb16134d76b0bd15bd89e62
Linux userfaultfd tmpfs File Permission Bypass
Posted Dec 12, 2018
Authored by Jann Horn, Google Security Research

Linux userfaultfd bypasses tmpfs file permissions.

tags | exploit
systems | linux
advisories | CVE-2018-18397
MD5 | 61256d48b95082beb5d8e4ef759bcd4c
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    1 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close