PT-2018-17242 · Linux+1 · Linux Kernel+1

Published

2018-01-24

Updated

2025-09-29

CVE-2018-5953

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.15

Description: The issue allows local users to obtain sensitive address information. This is achieved by reading dmesg data from a "software IO TLB" printk call, specifically through the swiotlb print info function in lib/swiotlb.c.

Recommendations: For Linux kernel versions prior to 4.14.15, update to version 4.14.15 or later to resolve the issue. As a temporary workaround, consider restricting access to dmesg data to minimize the risk of exploitation.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALSA-2025_16880

ALT-PU-2018-1077

ALT-PU-2018-1991

CVE-2018-5953

DLA-1731-1

DLA-1731-2

Affected Products

Alt Linux

Linux Kernel

PT-2018-17242 · Linux+1 · Linux Kernel+1

CVE-2018-5953

Weakness Enumeration

Related Identifiers

Affected Products

References · 13