Vulnerability Details : CVE-2018-14656
A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.
Vulnerability category: Input validation
Products affected by CVE-2018-14656
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:4.19:rc1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-14656
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14656
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
Red Hat, Inc. |
CWE ids for CVE-2018-14656
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2018-14656
-
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Third Party Advisory
-
https://seclists.org/oss-sec/2018/q4/9
oss-sec: CVE-2018-14656: Linux kernel: arbitrary kernel memory dump into the dmesg logMailing List;Patch;Third Party Advisory
-
https://lore.kernel.org/lkml/20180828154901.112726-1-jannh%40google.com/T/
[PATCH v2] x86/dumpstack: don't dump kernel memory based on usermode RIP
-
http://www.securitytracker.com/id/1041804
Linux Kernel Missing Address Validation in show_opcodes() Lets Local Users Obtain Potentially Sensitive Information on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugs.chromium.org/p/project-zero/issues/detail?id=1650
1650 - Linux: arbitrary kernel read into dmesg via missing address check in segfault handler - project-zero - MonorailIssue Tracking;Patch;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656
1629940 – (CVE-2018-14656) CVE-2018-14656 kernel: Arbitrary Kernel Read into dmesg via Missing Address Check in segfault HandlerIssue Tracking;Patch;Third Party Advisory
Jump to