CVE-2018-18397 - Vulncode-DB

CVE-2018-18397 (NVD)

2018-12-12

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Products	Ubuntu_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform, Virtualization_host
Type	Incorrect Authorization (CWE-863)
First patch	https://github.com/torvalds/linux/commit/29ec90660d68bbdd69507c1c8b4e33aa299278b1
Relevant file/s	• ./fs/userfaultfd.c (modified, +15) • ./mm/userfaultfd.c (modified, +6, -9)
Links	• https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87 • https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.7 • https://usn.ubuntu.com/3903-1/ • https://usn.ubuntu.com/3903-2/ • https://access.redhat.com/errata/RHSA-2019:0163 More/Less (8) • https://access.redhat.com/errata/RHBA-2019:0327 • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=29ec90660d68bbdd69507c1c8b4e33aa299278b1 • https://usn.ubuntu.com/3901-1/ • https://usn.ubuntu.com/3901-2/ • https://access.redhat.com/errata/RHSA-2019:0202 • https://access.redhat.com/errata/RHSA-2019:0324 • https://bugs.chromium.org/p/project-zero/issues/detail?id=1700 • https://access.redhat.com/errata/RHSA-2019:0831

linux - Tree: 29ec90660d

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: