Note:
This project will be discontinued after December 13, 2021. [more]
2018-08-07
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
| Products | Debian_linux, Linux_kernel |
| Type | Information Exposure (CWE-200) |
| First patch | - None (likely due to unavailable code) |
| Patches | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d63fb3af87aa67aa7d24466e792f9d7c57d8e79 |
| Links |
• https://github.com/johnsonwangqize/cve-linux/blob/master/%20CVE-2018-5953.md
• https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html • http://www.securityfocus.com/bid/105045 • https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html |