Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2018-18397 — Incorrect Authorization in Kernel
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.21%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedDec 12
Latest updateMay 13
Description
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages7 packages
Also affects: Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.4, 7.6, 7.5, Openshift Container Platform 3.11
Patches
🔴Vulnerability Details
6OSV▶
linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2 vulnerabilities↗2019-03-05