PT-2018-2980 · Linux+2 · Linux Kernel+2

Jann Horn

Published

2018-09-13

Updated

2019-09-02

CVE-2018-20511

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.18.11

Description An issue in the Linux kernel allows local users to obtain sensitive kernel address information. This is achieved by leveraging CAP NET ADMIN to read the ipddp route dev and next fields via an SIOCFINDIPDDPRT ioctl call. The vulnerability is related to insufficient protection of internal data in the ipddp ioctl function, located in drivers/net/appletalk/ipddp.c.

Recommendations For Linux kernel versions prior to 4.18.11, update to version 4.18.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the ipddp ioctl function or limiting the use of the SIOCFINDIPDDPRT ioctl call to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALT-PU-2018-2408

ALT-PU-2018-2420

ALT-PU-2019-1433

BDU:2019-03067

CVE-2018-20511

DLA-1731-1

DLA-1731-2

USN-4094-1

USN-4118-1

Affected Products

Alt Linux

Linux Kernel

Ubuntu

PT-2018-2980 · Linux+2 · Linux Kernel+2

CVE-2018-20511

Weakness Enumeration

Related Identifiers

Affected Products

References · 95