PT-2018-3511 · Linux+4 · Linux Kernel+4

Andy Lutomirski

·

Publicado

2018-05-01

·

Atualizado

2020-09-04

·

CVE-2018-1000199

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux Kernel version 3.18
Description: The issue is related to a dangerous feature vulnerability in the modify user hw breakpoint() function, which can lead to a crash and possibly memory corruption. This can be exploited via local code execution and the ability to use ptrace. The vulnerability is associated with incorrect error handling.
Recommendations: For Linux Kernel version 3.18, consider applying the fix from git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f to resolve the issue. As a temporary workaround, consider restricting the use of ptrace to minimize the risk of exploitation.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-388CWE-119

Identificadores relacionados

BDU:2020-03227
CESA-2018_1318
CVE-2018-1000199
DLA-1369-1
DSA-4187-1
DSA-4188-1
OPENSUSE-SU-2018_1418-1
OPENSUSE-SU-2020:0801-1
OPENSUSE-SU-2020_0801-1
RHSA-2018:1318
RHSA-2018:1345
RHSA-2018:1347
RHSA-2018:1348
RHSA-2018:1354
RHSA-2018:1355
RHSA-2018:1374
RHSA-2018_1318
RHSA-2018_1355
SUSE-SU-2018:1222-1
SUSE-SU-2018:1223-1
SUSE-SU-2018:1224-1
SUSE-SU-2018:1225-1
SUSE-SU-2018:1226-1
SUSE-SU-2018:1227-1
SUSE-SU-2018:1228-1
SUSE-SU-2018:1229-1
SUSE-SU-2018:1230-1
SUSE-SU-2018:1231-1
SUSE-SU-2018:1232-1
SUSE-SU-2018:1233-1
SUSE-SU-2018:1234-1
SUSE-SU-2018:1235-1
SUSE-SU-2018:1236-1
SUSE-SU-2018:1237-1
SUSE-SU-2018:1238-1
SUSE-SU-2018:1239-1
SUSE-SU-2018:1240-1
SUSE-SU-2018:1241-1
SUSE-SU-2018:1242-1
SUSE-SU-2018:1243-1
SUSE-SU-2018:1244-1
SUSE-SU-2018:1245-1
SUSE-SU-2018:1246-1
SUSE-SU-2018:1247-1
SUSE-SU-2018:1248-1
SUSE-SU-2018:1249-1
SUSE-SU-2018:1250-1
SUSE-SU-2018:1251-1
SUSE-SU-2018:1252-1
SUSE-SU-2018:1253-1
SUSE-SU-2018:1254-1
SUSE-SU-2018:1255-1
SUSE-SU-2018:1256-1
SUSE-SU-2018:1257-1
SUSE-SU-2018:1258-1
SUSE-SU-2018:1259-1
SUSE-SU-2018:1260-1
SUSE-SU-2018:1261-1
SUSE-SU-2018:1262-1
SUSE-SU-2018:1263-1
SUSE-SU-2018:1264-1
SUSE-SU-2018:1266-1
SUSE-SU-2018:1267-1
SUSE-SU-2018:1268-1
SUSE-SU-2018:1269-1
SUSE-SU-2018:1270-1
SUSE-SU-2018:1272-1
SUSE-SU-2018:1273-1
SUSE-SU-2018:1366-1
SUSE-SU-2018:1368-1
SUSE-SU-2018:1374-1
SUSE-SU-2018:1375-1
SUSE-SU-2018:1376-1
SUSE-SU-2018:1508-1
SUSE-SU-2018:1525-1
SUSE-SU-2018:1550-1
SUSE-SU-2018:1551-1
SUSE-SU-2018:1816-1
SUSE-SU-2018:1846-1
SUSE-SU-2018:1855-1
SUSE-SU-2018:1855-2
SUSE-SU-2018_1223-1
SUSE-SU-2018_1239-1
SUSE-SU-2018_1258-1
SUSE-SU-2018_1508-1
SUSE-SU-2018_1525-1
SUSE-SU-2018_1550-1
SUSE-SU-2018_1551-1
SUSE-SU-2020:1587-1
SUSE-SU-2020:1599-1
SUSE-SU-2020:1602-1
SUSE-SU-2020:1603-1
SUSE-SU-2020:1604-1
SUSE-SU-2020:1605-1
SUSE-SU-2020:1646-1
SUSE-SU-2020:1656-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1671-1
SUSE-SU-2020:1754-1
SUSE-SU-2020:1758-1
SUSE-SU-2020:1775-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1587-1
SUSE-SU-2020_1599-1
SUSE-SU-2020_1602-1
SUSE-SU-2020_1603-1
SUSE-SU-2020_1604-1
SUSE-SU-2020_1605-1
SUSE-SU-2020_1646-1
SUSE-SU-2020_1656-1
SUSE-SU-2020_1663-1
SUSE-SU-2020_1671-1
USN-3641-1
USN-3641-2

Produtos afetados

Centos
Linux Kernel
Red Hat
Suse
Ubuntu