Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-11508Sensitive Information Exposure in Kernel

CWE-200Sensitive Information ExposureCWE-456Missing Initialization of a Variable20 documents9 sources
Severity
5.5MEDIUMNVD
EPSS
1.5%
top 18.62%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Linux KernelDebian LinuxCanonical Ubuntu Linux
Timeline
PublishedMay 28
Latest updateOct 7

Description

The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel< 4.16.9
Debianlinux/linux_kernel< 4.16.12-1+3
Ubuntulinux/linux_kernel< 4.15.0-24.26+1
debiandebian/linux< linux 4.16.12-1 (bookworm)

Also affects: Ubuntu Linux 16.04, 17.10, 18.04

Patches

Patch: git.kernel.orgPatch: github.comPatch: git.kernel.org

🔴Vulnerability Details

7
GHSA
GHSA-j435-p44w-r9xj: The compat_get_timex function in kernel/compat2022-05-14
OSV
linux-hwe, linux-azure, linux-gcp regression2018-07-21
OSV
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem regression2018-07-21
OSV
linux-hwe, linux-azure vulnerabilities2018-07-02
OSV
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities2018-07-02

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel Pointer2019-01-21

📋Vendor Advisories

8
Ubuntu
Linux kernel regression2018-07-21
Ubuntu
Linux kernel (HWE) regression2018-07-21
Ubuntu
Linux kernel vulnerabilities2018-07-02
Ubuntu
Linux kernel (HWE) vulnerabilities2018-07-02
Ubuntu
Linux kernel vulnerabilities2018-07-02

📄Research Papers

1
arXiv
Breaking Precision Time: OS Vulnerability Exploits Against IEEE 15882025-10-07

💬Community

2
Bugzilla
CVE-2018-11508 kernel: Missing initialization in kernel/compat.c:compat_get_timex() allows local attacker to obtain possibly sensitive information via adjtimex [fedora-all]2018-05-28
Bugzilla
CVE-2018-11508 kernel: Missing initialization in kernel/compat.c:compat_get_timex() allows local attacker to obtain possibly sensitive information via adjtimex2018-05-28