CVE-2018-5750

Опубликовано: 19 дек. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2, as KASLR feature is not present or enabled in these products. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Fixed	RHSA-2018:0676	10.04.2018
Red Hat Enterprise Linux 7	kernel	Fixed	RHSA-2018:1062	10.04.2018
Red Hat Enterprise Linux 7	kernel-alt	Fixed	RHSA-2018:2948	30.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1539706kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

EPSS

Процентиль: 4%

0.00023

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2018-5750

CVSS3: 5.5

ubuntu

больше 7 лет назад

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

CVE-2018-5750

CVSS3: 5.5

nvd

больше 7 лет назад

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

CVE-2018-5750

CVSS3: 5.5

debian

больше 7 лет назад

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux ke ...

GHSA-2mwq-2q44-8rc8

CVSS3: 5.5

github

около 3 лет назад

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

ELSA-2019-4742

oracle-oval

почти 6 лет назад

ELSA-2019-4742: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 4%

0.00023

Низкий

3.3 Low

CVSS3