Knowledge Library
Knowledge Library Home
Knowledge Library Home Knowledge Library Products Operating Systems Wind River Linux Wind River Linux 8 Kernel & BSP Development LIN8-10024 : Security Advisory - linux - CVE-2018-18710

LIN8-10024 : Security Advisory - linux - CVE-2018-18710

Table of contents
Defect #: LIN8-10024
Found In Version8.0.0.28
Fix Version8.0.0.28
Severity:Standard
Status:Fixed
Created Date:10/31/2018
Component/s :Kernel
Sub Component:linux-kernel

Description

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

https://nvd.nist.gov/vuln/detail/CVE-2018-18710

Downloads


KLID_DEFECT (use as Content ID for linking):  KLID_DEFECT_57910
 
Last modified