PT-2018-18627 · Linux+5 · Linux Kernel+5

Eyal Itkin

·

Published

2018-03-30

·

Updated

2023-03-03

·

CVE-2018-8781

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.4 through 4.15
Description The issue allows local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in code execution in kernel space. This is due to an integer-overflow vulnerability in the udl fb mmap function.
Recommendations For Linux kernel versions 3.4 through 4.15, consider restricting access to the udldrmfb driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2018-1511
ALT-PU-2018-1512
CESA-2018_3083
CVE-2018-8781
DLA-1369-1
DSA-4187-1
DSA-4188-1
OPENSUSE-SU-2018_1418-1
OPENSUSE-SU-2018_2119-1
RHSA-2018:2948
RHSA-2018:3083
RHSA-2018:3096
RHSA-2018_3083
RHSA-2018_3096
SUSE-SU-2018:1173-1
SUSE-SU-2018:1173-2
SUSE-SU-2018:1220-1
SUSE-SU-2018:1221-1
SUSE-SU-2018:1366-1
SUSE-SU-2018:1505-1
SUSE-SU-2018:1506-1
SUSE-SU-2018:1509-1
SUSE-SU-2018:1510-1
SUSE-SU-2018:1511-1
SUSE-SU-2018:1512-1
SUSE-SU-2018:1513-1
SUSE-SU-2018:1514-1
SUSE-SU-2018:1516-1
SUSE-SU-2018:1517-1
SUSE-SU-2018:1518-1
SUSE-SU-2018:1519-1
SUSE-SU-2018:1520-1
SUSE-SU-2018:1521-1
SUSE-SU-2018:1522-1
SUSE-SU-2018:1523-1
SUSE-SU-2018:1524-1
SUSE-SU-2018:1526-1
SUSE-SU-2018:1528-1
SUSE-SU-2018:1529-1
SUSE-SU-2018:1530-1
SUSE-SU-2018:1531-1
SUSE-SU-2018:1532-1
SUSE-SU-2018:1533-1
SUSE-SU-2018:1534-1
SUSE-SU-2018:1535-1
SUSE-SU-2018:1536-1
SUSE-SU-2018:1537-1
SUSE-SU-2018:1538-1
SUSE-SU-2018:1539-1
SUSE-SU-2018:1540-1
SUSE-SU-2018:1541-1
SUSE-SU-2018:1543-1
SUSE-SU-2018:1545-1
SUSE-SU-2018:1546-1
SUSE-SU-2018:1548-1
SUSE-SU-2018:1549-1
SUSE-SU-2018:1636-1
SUSE-SU-2018:1637-1
SUSE-SU-2018:1639-1
SUSE-SU-2018:1640-1
SUSE-SU-2018:1641-1
SUSE-SU-2018:1642-1
SUSE-SU-2018:1643-1
SUSE-SU-2018:1644-1
SUSE-SU-2018:1645-1
SUSE-SU-2018:1648-1
SUSE-SU-2018:1816-1
SUSE-SU-2018:2092-1
USN-3654-1
USN-3654-2
USN-3656-1
USN-3674-1
USN-3674-2
USN-3677-1
USN-3677-2

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu