CVE-2018-20511

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.18.11

Description An issue in the Linux kernel allows local users to obtain sensitive kernel address information. This is achieved by leveraging CAP NET ADMIN to read the ipddp route dev and next fields via an SIOCFINDIPDDPRT ioctl call. The vulnerability is related to insufficient protection of internal data in the ipddp ioctl function, located in drivers/net/appletalk/ipddp.c.

Recommendations For Linux kernel versions prior to 4.18.11, update to version 4.18.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the ipddp ioctl function or limiting the use of the SIOCFINDIPDDPRT ioctl call to minimize the risk of exploitation.