PT-2018-1157 · Linux+5 · Linux Kernel+5

Syzbot

·

Publicado

2018-02-19

·

Atualizado

2024-06-15

·

CVE-2018-1068

CVSS v2.0

7.2

Alta

VetorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.x
Description A flaw in the Linux kernel's 32-bit syscall interface for bridging allows a privileged user to arbitrarily write to a limited range of kernel memory. This issue is related to a buffer overflow in the kernel memory, which can be exploited to elevate privileges.
Recommendations For Linux kernel version 4.x, consider applying a patch or configuration change to restrict access to the vulnerable syscall interface until a fixed version is available. As a temporary workaround, restrict the use of the 32-bit syscall interface for bridging to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-787

Identificadores relacionados

ALT-PU-2018-1452
ALT-PU-2018-1453
BDU:2018-00604
CESA-2018_1318
CVE-2018-1068
DLA-1369-1
DSA-4187-1
DSA-4188-1
MGASA-2018-0187
MGASA-2018-0264
MGASA-2018-0265
OPENSUSE-SU-2018_0781-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2018:1318
RHSA-2018:1355
RHSA-2018:2948
RHSA-2018_1318
RHSA-2018_1355
RHSA-2019:1170
RHSA-2019:1190
RHSA-2019:4159
SUSE-SU-2018:0785-1
SUSE-SU-2018:0786-1
SUSE-SU-2018:0834-1
SUSE-SU-2018:0848-1
SUSE-SU-2018:0988-1
SUSE-SU-2018:0989-1
SUSE-SU-2018:0990-1
SUSE-SU-2018:0992-1
SUSE-SU-2018:0993-1
SUSE-SU-2018:0994-1
SUSE-SU-2018:0995-1
SUSE-SU-2018:0996-1
SUSE-SU-2018:0997-1
SUSE-SU-2018:0998-1
SUSE-SU-2018:0999-1
SUSE-SU-2018:1000-1
SUSE-SU-2018:1001-1
SUSE-SU-2018:1002-1
SUSE-SU-2018:1003-1
SUSE-SU-2018:1004-1
SUSE-SU-2018:1005-1
SUSE-SU-2018:1006-1
SUSE-SU-2018:1007-1
SUSE-SU-2018:1008-1
SUSE-SU-2018:1009-1
SUSE-SU-2018:1010-1
SUSE-SU-2018:1011-1
SUSE-SU-2018:1012-1
SUSE-SU-2018:1013-1
SUSE-SU-2018:1014-1
SUSE-SU-2018:1015-1
SUSE-SU-2018:1016-1
SUSE-SU-2018:1018-1
SUSE-SU-2018:1019-1
SUSE-SU-2018:1020-1
SUSE-SU-2018:1021-1
SUSE-SU-2018:1022-1
SUSE-SU-2018:1023-1
SUSE-SU-2018:1024-1
SUSE-SU-2018:1025-1
SUSE-SU-2018:1026-1
SUSE-SU-2018:1027-1
SUSE-SU-2018:1028-1
SUSE-SU-2018:1029-1
SUSE-SU-2018:1030-1
SUSE-SU-2018:1031-1
SUSE-SU-2018:1032-1
SUSE-SU-2018:1033-1
SUSE-SU-2018:1034-1
SUSE-SU-2018:2332-1
SUSE-SU-2018:2366-1
SUSE-SU-2018:2637-1
USN-3654-1
USN-3654-2
USN-3656-1
USN-3674-1
USN-3674-2
USN-3677-1
USN-3677-2

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu