CVE-2018-1068 - Vulncode-DB

CVE-2018-1068 (NVD)

2018-03-16

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Products	Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host
Type	Out-of-bounds Write (CWE-787)
First patch	https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6
Patches	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6
Relevant file/s	./net/bridge/netfilter/ebtables.c (modified, +12, -1)
Links	• https://marc.info/?l=linux-netdev&m=152023808817590&w=2 • https://usn.ubuntu.com/3656-1/ • https://bugzilla.redhat.com/show_bug.cgi?id=1552048 • https://www.debian.org/security/2018/dsa-4188 • https://access.redhat.com/errata/RHSA-2018:2948 More/Less (15) • https://www.debian.org/security/2018/dsa-4187 • https://usn.ubuntu.com/3677-1/ • http://www.securityfocus.com/bid/103459 • https://access.redhat.com/errata/RHSA-2019:1170 • https://access.redhat.com/errata/RHSA-2019:4159 • https://access.redhat.com/errata/RHSA-2019:1190 • https://usn.ubuntu.com/3677-2/ • https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html • https://usn.ubuntu.com/3654-2/ • https://marc.info/?l=linux-netdev&m=152025888924151&w=2 • https://access.redhat.com/errata/RHSA-2018:1355 • https://usn.ubuntu.com/3674-1/ • https://access.redhat.com/errata/RHSA-2018:1318 • https://usn.ubuntu.com/3674-2/ • https://usn.ubuntu.com/3654-1/

linux - Tree: b718121685

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: