Linux Kernel CVE-2018-10840 Local Heap Based Buffer Overflow Vulnerability

Linux Kernel is prone to a local heap-based buffer-overflow vulnerability.

Attackers may be able to exploit this issue to execute arbitrary code with elevated privileges. Failed attack attempts will likely result in denial-of-service conditions.
Kernel versions 4.15, 4.16, and 4.17 are vulnerable; other versions may also be affected.


Bugtraq ID: 104858
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2018-10840

Remote: No
Local: Yes
Published: Apr 11 2018 12:00AM
Updated: Dec 07 2018 06:00AM
Credit: Wen Xu from SSLab, Gatech.
Vulnerable: Redhat Enterprise Mrg 2
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Linux kernel 4.16.11
Linux kernel 4.16.9
Linux kernel 4.16.6
Linux kernel 4.16.3
Linux kernel 4.15.14
Linux kernel 4.15.11
Linux kernel 4.15.9
Linux kernel 4.15.4
Linux kernel 4.17-rc2
Linux kernel 4.17
Linux kernel 4.16-rc7
Linux kernel 4.16-rc6
Linux kernel 4.16-rc
Linux kernel 4.16
Linux kernel 4.15.8
Linux kernel 4.15.7
Linux kernel 4.15.16
Linux kernel 4.15-rc5
Linux kernel 4.15
Google Android 0

Not Vulnerable:


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Related Posts