An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 04:12
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2019:2029 - | |
References | () https://access.redhat.com/errata/RHSA-2019:2043 - | |
References | () https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html - | |
References | () https://lkml.org/lkml/2018/3/7/1116 - Exploit, Third Party Advisory | |
References | () https://usn.ubuntu.com/3695-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3695-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3696-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3696-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3697-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3697-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3698-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3698-2/ - Third Party Advisory | |
References | () https://www.debian.org/security/2018/dsa-4308 - |
Information
Published : 2018-03-08 07:29
Updated : 2024-11-21 04:12
NVD link : CVE-2018-7755
Mitre link : CVE-2018-7755
CVE.ORG link : CVE-2018-7755
JSON object : View
Products Affected
canonical
- ubuntu_linux
linux
- linux_kernel
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor