CVE-2018-18710 - Vulncode-DB

CVE-2018-18710 (NVD)

2018-10-29

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

Products	Ubuntu_linux, Debian_linux, Linux_kernel
Type	Information Exposure (CWE-200)
First patch	https://github.com/torvalds/linux/commit/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
Relevant file/s	./drivers/cdrom/cdrom.c (modified, +1, -1)
Links	• http://www.securityfocus.com/bid/106041 • https://usn.ubuntu.com/3848-2/ • https://usn.ubuntu.com/3849-1/ • https://usn.ubuntu.com/3847-1/ • https://usn.ubuntu.com/3849-2/ More/Less (8) • https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html • https://usn.ubuntu.com/3846-1/ • https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html • https://usn.ubuntu.com/3848-1/ • https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html • https://usn.ubuntu.com/3847-2/ • https://usn.ubuntu.com/3847-3/ • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276

linux - Tree: e4f3aa2e1e

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: