Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1118

Опубликовано: 10 мая 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 2.1
CVSS3: 2.3

Описание

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

4.15.0-34.37
cosmic

not-affected

4.17.0-6.7
devel

not-affected

4.18.0-10.11
esm-infra-legacy/trusty

not-affected

esm-infra/bionic

not-affected

4.15.0-34.37
esm-infra/xenial

not-affected

precise/esm

not-affected

trusty

not-affected

trusty/esm

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.15.0-1021.21
cosmic

not-affected

4.15.0-1021.21
devel

not-affected

4.18.0-1002.3
esm-infra-legacy/trusty

not-affected

esm-infra/bionic

not-affected

4.15.0-1021.21
esm-infra/xenial

not-affected

precise/esm

DNE

trusty

not-affected

trusty/esm

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.15.0-1023.24
cosmic

not-affected

4.18.0-1003.3
devel

not-affected

4.18.0-1003.3
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

not-affected

4.15.0-1023.24
esm-infra/xenial

not-affected

4.15.0-1023.24~16.04.1
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.18.0-1003.3~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-1003.3~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1
xenial

released

4.15.0-1023.24

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.15.0-1019.20
cosmic

not-affected

4.15.0-1019.20
devel

not-affected

4.18.0-1002.3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1019.20
esm-infra/xenial

not-affected

4.15.0-1019.20~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1
xenial

ignored

end of standard support, was needs-triage

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

esm-infra/xenial

not-affected

4.15.0-34.37~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.18.0-11.12~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-11.12~18.04.1
esm-infra/xenial

not-affected

4.15.0-34.37~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.15.0-1021.21
cosmic

not-affected

4.15.0-1021.21
devel

not-affected

4.18.0-1003.3
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1021.21
esm-infra/xenial

not-affected

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

precise/esm

DNE

trusty

not-affected

trusty/esm

not-affected

upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.18~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.15.0-1018.21
cosmic

not-affected

4.15.0-1018.21
devel

not-affected

4.15.0-1021.24
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1018.21
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

4.15.0-1022.24
cosmic

not-affected

4.15.0-1022.24
devel

not-affected

4.18.0-1005.7
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1
xenial

not-affected

Показывать по

РелизСтатусПримечание
artful

not-affected

bionic

not-affected

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.18~rc1
xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 9%
0.00036
Низкий

2.1 Low

CVSS2

2.3 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1118

CVSS3: 2.3
redhat
около 7 лет назад

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

nvd логотип

CVE-2018-1118

CVSS3: 2.3
nvd
около 7 лет назад

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

debian логотип

CVE-2018-1118

CVSS3: 2.3
debian
около 7 лет назад

Linux kernel vhost since version 4.8 does not properly initialize memo ...

github логотип

GHSA-h6c2-frm7-53hm

CVSS3: 5.5
github
около 3 лет назад

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

fstec логотип

BDU:2021-01420

CVSS3: 5.5
fstec
около 7 лет назад

Уязвимость функции vhost_new_msg() ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 9%
0.00036
Низкий

2.1 Low

CVSS2

2.3 Low

CVSS3

Уязвимость CVE-2018-1118