PT-2018-3511 · Linux+4 · Linux Kernel+4

Andy Lutomirski

·

Published

2018-05-01

·

Updated

2020-09-04

·

CVE-2018-1000199

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux Kernel version 3.18
Description: The issue is related to a dangerous feature vulnerability in the modify user hw breakpoint() function, which can lead to a crash and possibly memory corruption. This can be exploited via local code execution and the ability to use ptrace. The vulnerability is associated with incorrect error handling.
Recommendations: For Linux Kernel version 3.18, consider applying the fix from git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f to resolve the issue. As a temporary workaround, consider restricting the use of ptrace to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-388CWE-119

Related Identifiers

BDU:2020-03227
CESA-2018_1318
CVE-2018-1000199
DLA-1369-1
DSA-4187-1
DSA-4188-1
OPENSUSE-SU-2018_1418-1
OPENSUSE-SU-2020:0801-1
OPENSUSE-SU-2020_0801-1
RHSA-2018:1318
RHSA-2018:1345
RHSA-2018:1347
RHSA-2018:1348
RHSA-2018:1354
RHSA-2018:1355
RHSA-2018:1374
RHSA-2018_1318
RHSA-2018_1355
SUSE-SU-2018:1222-1
SUSE-SU-2018:1223-1
SUSE-SU-2018:1224-1
SUSE-SU-2018:1225-1
SUSE-SU-2018:1226-1
SUSE-SU-2018:1227-1
SUSE-SU-2018:1228-1
SUSE-SU-2018:1229-1
SUSE-SU-2018:1230-1
SUSE-SU-2018:1231-1
SUSE-SU-2018:1232-1
SUSE-SU-2018:1233-1
SUSE-SU-2018:1234-1
SUSE-SU-2018:1235-1
SUSE-SU-2018:1236-1
SUSE-SU-2018:1237-1
SUSE-SU-2018:1238-1
SUSE-SU-2018:1239-1
SUSE-SU-2018:1240-1
SUSE-SU-2018:1241-1
SUSE-SU-2018:1242-1
SUSE-SU-2018:1243-1
SUSE-SU-2018:1244-1
SUSE-SU-2018:1245-1
SUSE-SU-2018:1246-1
SUSE-SU-2018:1247-1
SUSE-SU-2018:1248-1
SUSE-SU-2018:1249-1
SUSE-SU-2018:1250-1
SUSE-SU-2018:1251-1
SUSE-SU-2018:1252-1
SUSE-SU-2018:1253-1
SUSE-SU-2018:1254-1
SUSE-SU-2018:1255-1
SUSE-SU-2018:1256-1
SUSE-SU-2018:1257-1
SUSE-SU-2018:1258-1
SUSE-SU-2018:1259-1
SUSE-SU-2018:1260-1
SUSE-SU-2018:1261-1
SUSE-SU-2018:1262-1
SUSE-SU-2018:1263-1
SUSE-SU-2018:1264-1
SUSE-SU-2018:1266-1
SUSE-SU-2018:1267-1
SUSE-SU-2018:1268-1
SUSE-SU-2018:1269-1
SUSE-SU-2018:1270-1
SUSE-SU-2018:1272-1
SUSE-SU-2018:1273-1
SUSE-SU-2018:1366-1
SUSE-SU-2018:1368-1
SUSE-SU-2018:1374-1
SUSE-SU-2018:1375-1
SUSE-SU-2018:1376-1
SUSE-SU-2018:1508-1
SUSE-SU-2018:1525-1
SUSE-SU-2018:1550-1
SUSE-SU-2018:1551-1
SUSE-SU-2018:1816-1
SUSE-SU-2018:1846-1
SUSE-SU-2018:1855-1
SUSE-SU-2018:1855-2
SUSE-SU-2018_1223-1
SUSE-SU-2018_1239-1
SUSE-SU-2018_1258-1
SUSE-SU-2018_1508-1
SUSE-SU-2018_1525-1
SUSE-SU-2018_1550-1
SUSE-SU-2018_1551-1
SUSE-SU-2020:1587-1
SUSE-SU-2020:1599-1
SUSE-SU-2020:1602-1
SUSE-SU-2020:1603-1
SUSE-SU-2020:1604-1
SUSE-SU-2020:1605-1
SUSE-SU-2020:1646-1
SUSE-SU-2020:1656-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1671-1
SUSE-SU-2020:1754-1
SUSE-SU-2020:1758-1
SUSE-SU-2020:1775-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1587-1
SUSE-SU-2020_1599-1
SUSE-SU-2020_1602-1
SUSE-SU-2020_1603-1
SUSE-SU-2020_1604-1
SUSE-SU-2020_1605-1
SUSE-SU-2020_1646-1
SUSE-SU-2020_1656-1
SUSE-SU-2020_1663-1
SUSE-SU-2020_1671-1
USN-3641-1
USN-3641-2

Affected Products

Centos
Linux Kernel
Red Hat
Suse
Ubuntu