5.5

CVE-2017-18344

Exploit
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.8
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionlts
RedhatMrg Realtime Version2.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.23% 0.866
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://access.redhat.com/errata/RHSA-2018:3083
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3096
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3540
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3586
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3590
Third Party Advisory
http://www.securityfocus.com/bid/104909
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041414
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:3459
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3591
Third Party Advisory
https://github.com/torvalds/linux/commit/cef31d9af908243421258f1df35a4a644604efbe
Patch
Third Party Advisory
https://usn.ubuntu.com/3742-1/
Third Party Advisory
https://usn.ubuntu.com/3742-2/
Third Party Advisory
https://www.exploit-db.com/exploits/45175/
Third Party Advisory
Exploit
VDB Entry