CVE-2018-18397 vulnerability in Red Hat and Other Products
Published on December 12, 2018

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-18397

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-18397 are published in these products:

Red Hat Openshift Container Platform

Red Hat Virtualization Host

Canonical Ubuntu Linux

Linux Kernel

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Eus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Workstation

Exploit Probability

EPSS

0.07%

Percentile

20.69%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-18397 vulnerability in Red Hat and Other ProductsPublished on December 12, 2018

Products Associated with CVE-2018-18397

Exploit Probability

CVE-2018-18397 vulnerability in Red Hat and Other Products
Published on December 12, 2018