CVE-2018-14625
CVE-2018-14625
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Produtos afetados
[UNKNOWN] · kernelQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2019:2029https://access.redhat.com/errata/RHSA-2019:2043https://access.redhat.com/errata/RHSA-2019:4154https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14625https://lists.debian.org/debian-lts-announce/2019/05/msg00002.htmlhttps://syzkaller.appspot.com/bug?extid=bd391451452fb0b93039https://usn.ubuntu.com/3871-1/https://usn.ubuntu.com/3871-3/https://usn.ubuntu.com/3871-4/https://usn.ubuntu.com/3871-5/https://usn.ubuntu.com/3872-1/https://usn.ubuntu.com/3878-1/