CVE-2018-20669

Опубликовано: 21 мар. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.

Ссылки

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c
Release Notes
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/01/23/6
Exploit
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/106748
Broken Link
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2018-20669
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190404-0002/
Third Party Advisory
https://support.f5.com/csp/article/K32059550
Third Party Advisory
https://usn.ubuntu.com/4485-1/
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c
Release Notes
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/01/23/6
Exploit
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/106748
Broken Link
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2018-20669
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190404-0002/
Third Party Advisory
https://support.f5.com/csp/article/K32059550
Third Party Advisory
https://usn.ubuntu.com/4485-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.13 (включая) до 4.14.185 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.129 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.0 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00096

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2018-20669

CVSS3: 7.8

ubuntu

больше 6 лет назад

CVE-2018-20669

CVSS3: 7.8

redhat

больше 6 лет назад

CVE-2018-20669

CVSS3: 7.8

debian

больше 6 лет назад

An issue where a provided address with access_ok() is not checked was ...

GHSA-3jgv-8wx7-rw7p

CVSS3: 7.8

github

больше 3 лет назад

openSUSE-SU-2019:0203-1

suse-cvrf

больше 6 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 28%

0.00096

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20