Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-16658

Опубликовано: 26 апр. 2018
Источник: redhat
CVSS3: 4

Описание

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.

An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise Linux 6kernelWill not fix
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise MRG 2kernel-rtFix deferred
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2019:204307.08.2019
Red Hat Enterprise Linux 7kernelFixedRHSA-2019:202906.08.2019
Red Hat Enterprise Linux 7kernel-altFixedRHSA-2019:415410.12.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1627731kernel: Information leak in cdrom_ioctl_drive_status

4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-16658

CVSS3: 6.1
ubuntu
почти 7 лет назад

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.

nvd логотип

CVE-2018-16658

CVSS3: 6.1
nvd
почти 7 лет назад

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.

debian логотип

CVE-2018-16658

CVSS3: 6.1
debian
почти 7 лет назад

An issue was discovered in the Linux kernel before 4.18.6. An informat ...

github логотип

GHSA-289m-2pf5-x59p

CVSS3: 6.1
github
около 3 лет назад

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.

fstec логотип

BDU:2019-01343

CVSS3: 6.1
fstec
около 7 лет назад

Уязвимость функции cdrom_ioctl_drive_status() операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

4 Medium

CVSS3