Vulnerability Details : CVE-2018-14625
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.
Products affected by CVE-2018-14625
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-14625
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14625
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H |
1.0
|
4.2
|
Red Hat, Inc. |
CWE ids for CVE-2018-14625
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Secondary)
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: secalert@redhat.com (Primary)
References for CVE-2018-14625
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14625
1619846 – (CVE-2018-14625) CVE-2018-14625 kernel: use-after-free Read in vhost_transport_send_pktIssue Tracking;Patch;Third Party Advisory
-
https://usn.ubuntu.com/3871-3/
USN-3871-3: Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://usn.ubuntu.com/3878-2/
USN-3878-2: Linux kernel (Azure) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://usn.ubuntu.com/3872-1/
USN-3872-1: Linux kernel (HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
[SECURITY] [DLA 1771-1] linux-4.9 security updateMailing List;Third Party Advisory
-
https://usn.ubuntu.com/3871-1/
USN-3871-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:4154
RHSA-2019:4154 - Security Advisory - Red Hat Customer Portal
-
https://usn.ubuntu.com/3878-1/
USN-3878-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://syzkaller.appspot.com/bug?extid=bd391451452fb0b93039
KASAN: use-after-free Read in vhost_transport_send_pktThird Party Advisory
-
https://usn.ubuntu.com/3871-4/
USN-3871-4: Linux kernel (HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2029
RHSA-2019:2029 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:2043
RHSA-2019:2043 - Security Advisory - Red Hat Customer Portal
-
https://usn.ubuntu.com/3871-5/
USN-3871-5: Linux kernel (Azure) vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to