Vulnerability Details : CVE-2018-7566
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
Vulnerability category: Overflow
Products affected by CVE-2018-7566
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
- cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_eagle_application_processor:16.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_eagle_application_processor:16.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-7566
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-7566
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-7566
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-7566
-
https://access.redhat.com/errata/RHSA-2019:1483
RHSA-2019:1483 - Security Advisory - Red Hat Customer Portal
-
https://www.oracle.com/security-alerts/cpujul2020.html
Oracle Critical Patch Update Advisory - July 2020
-
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d15d662e89fc667b90cd294b0eb45694e33144da
kernel/git/torvalds/linux.git - Linux kernel source treePatch;Vendor Advisory
-
https://usn.ubuntu.com/3631-2/
USN-3631-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2948
RHSA-2018:2948 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/3631-1/
USN-3631-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4188
Debian -- Security Information -- DSA-4188-1 linuxThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2390
RHSA-2018:2390 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Security fixes in StruxureWare Data Center Expert v7.6.0 - User assistance for StruxureWare Data Center Expert 7.x - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, and NetBotzThird Party Advisory
-
https://usn.ubuntu.com/3798-2/
USN-3798-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://mailman.alsa-project.org/pipermail/alsa-devel/2018-February/132026.html
[alsa-devel] [PATCH] ALSA: seq: Fix racy pool initializationsPatch;Third Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Oracle Critical Patch Update - April 2019Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html
[security-announce] SUSE-SU-2018:0834-1: important: Security update forThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:1487
RHSA-2019:1487 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=1550142
1550142 – (CVE-2018-7566) CVE-2018-7566 kernel: race condition in snd_seq_write() may lead to UAF or OOB-accessIssue Tracking;Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/103605
Linux Kernel 'snd_seq_write()' Function Local Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:2384
RHSA-2018:2384 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2395
RHSA-2018:2395 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/3798-1/
USN-3798-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://www.debian.org/security/2018/dsa-4187
Debian -- Security Information -- DSA-4187-1 linuxThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
[SECURITY] [DLA 1369-1] linux security updateMailing List;Third Party Advisory
Jump to