Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-18710

Опубликовано: 29 окт. 2018
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 4.19 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 20%
0.00064
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2018-18710

CVSS3: 5.5
ubuntu
больше 6 лет назад

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

redhat логотип

CVE-2018-18710

CVSS3: 4.7
redhat
больше 6 лет назад

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

debian логотип

CVE-2018-18710

CVSS3: 5.5
debian
больше 6 лет назад

An issue was discovered in the Linux kernel through 4.19. An informati ...

github логотип

GHSA-hj3r-hcwm-9448

CVSS3: 5.5
github
около 3 лет назад

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

fstec логотип

BDU:2021-01437

CVSS3: 5.5
fstec
больше 6 лет назад

Уязвимость функции cdrom_ioctl_select_disc (drivers/cdrom/cdrom.c) ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 20%
0.00064
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200