Linux kernel is prone to a local security bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Linux Kernel 3.2 and above versions are vulnerable.
Information
Bugtraq ID: 105761Class: Race Condition Error
CVE: CVE-2018-18281
Remote: No
Local: Yes
Published: Oct 30 2018 12:00AM
Updated: Apr 01 2019 06:00PM
Credit: JAnnh
Vulnerable: Redhat Enterprise Mrg 2
Redhat Enterprise Linux 7
Linux kernel 4.18.12
Linux kernel 4.18.11
Linux kernel 4.18.9
Linux kernel 4.18.6
Linux kernel 4.18.5
Linux kernel 4.14.71
Linux kernel 4.14.67
Linux kernel 4.14.31
Linux kernel 4.14.13
Linux kernel 4.14.11
Linux kernel 4.14.10
Linux kernel 4.14.6
Linux kernel 4.14.5
Linux kernel 4.14.1
Linux kernel 4.9.128
Linux kernel 4.9.91
Linux kernel 4.9.74
Linux kernel 4.9.71
Linux kernel 4.9.68
Linux kernel 4.9.36
Linux kernel 4.9.13
Linux kernel 4.9.8
Linux kernel 4.9.4
Linux kernel 4.9.3
Linux kernel 4.8.11
Linux kernel 4.4.125
Linux kernel 4.4.105
Linux kernel 4.4.27
Linux kernel 4.4.25
Linux kernel 4.4.24
Linux kernel 4.4.23
Linux kernel 4.4.22
Linux kernel 4.4.2
Linux kernel 4.2.3
Linux kernel 4.1.47
Linux kernel 4.1.4
Linux kernel 4.1.1
Linux kernel 4.0.6
Linux kernel 3.8.9
Linux kernel 3.8.6
Linux kernel 3.8.5
Linux kernel 3.8.4
Linux kernel 3.8.2
Linux kernel 3.8.1
Linux kernel 3.7.10
Linux kernel 3.7.9
Linux kernel 3.7.8
Linux kernel 3.7.7
Linux kernel 3.7.5
Linux kernel 3.7.4
Linux kernel 3.7.3
Linux kernel 3.7.2
Linux kernel 3.7.1
Linux kernel 3.6.11
Linux kernel 3.6.10
Linux kernel 3.6.9
Linux kernel 3.6.8
Linux kernel 3.6.7
Linux kernel 3.6.6
Linux kernel 3.6.5
Linux kernel 3.6.4
Linux kernel 3.6.3
Linux kernel 3.6.2
Linux kernel 3.6.1
Linux kernel 3.5.7
Linux kernel 3.5.6
Linux kernel 3.5.5
Linux kernel 3.5.4
Linux kernel 3.5.3
Linux kernel 3.5.2
Linux kernel 3.5.1
Linux kernel 3.4.88
Linux kernel 3.4.87
Linux kernel 3.4.86
Linux kernel 3.4.80
Linux kernel 3.4.76
Linux kernel 3.4.73
Linux kernel 3.4.72
Linux kernel 3.4.71
Linux kernel 3.4.64
Linux kernel 3.4.58
Linux kernel 3.4.42
Linux kernel 3.4.36
Linux kernel 3.4.32
Linux kernel 3.4.31
Linux kernel 3.4.27
Linux kernel 3.4.26
Linux kernel 3.4.25
Linux kernel 3.4.21
Linux kernel 3.4.20
Linux kernel 3.4.19
Linux kernel 3.4.18
Linux kernel 3.4.17
Linux kernel 3.4.16
Linux kernel 3.4.15
Linux kernel 3.4.14
Linux kernel 3.4.13
Linux kernel 3.4.12
Linux kernel 3.4.11
Linux kernel 3.4.10
Linux kernel 3.4.9
Linux kernel 3.4.8
Linux kernel 3.4.7
Linux kernel 3.4.6
Linux kernel 3.4.5
Linux kernel 3.4.4
Linux kernel 3.4.3
Linux kernel 3.4.2
Linux kernel 3.4.1
Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2
Linux kernel 3.2.82
Linux kernel 3.2.72
Linux kernel 3.2.62
Linux kernel 3.2.57
Linux kernel 3.2.56
Linux kernel 3.2.51
Linux kernel 3.2.24
Linux kernel 3.2.23
Linux kernel 3.2.13
Linux kernel 3.2.12
Linux kernel 3.2.9
Linux kernel 3.2.1
Linux kernel 4.9.9
Linux kernel 4.9.11
Linux kernel 4.9
Linux kernel 4.8.7
Linux kernel 4.8.6
Linux kernel 4.8.3
Linux kernel 4.8.14
Linux kernel 4.8.13
Linux kernel 4.8.12
Linux kernel 4.8.1
Linux kernel 4.8
Linux kernel 4.4.26
Linux kernel 4.4.14
Linux kernel 4.4.1
Linux kernel 4.4
Linux kernel 4.3.3
Linux kernel 4.2.8
Linux kernel 4.2
Linux kernel 4.18.1
Linux kernel 4.14.8
Linux kernel 4.14.7
Linux kernel 4.14.4
Linux kernel 4.14.3
Linux kernel 4.14.2
Linux kernel 4.14.15
Linux kernel 4.14.14
Linux kernel 4.14
Linux kernel 4.1.15
Linux kernel 4.1
Linux kernel 4.0.5
Linux kernel 4.0
Linux kernel 3.9.8
Linux kernel 3.9.4
Linux kernel 3.9
Linux kernel 3.8
Linux kernel 3.7.6
Linux kernel 3.7
Linux kernel 3.6
Linux kernel 3.5-rc1
Linux kernel 3.5
Linux kernel 3.4.93
Linux kernel 3.4.81
Linux kernel 3.4.70
Linux kernel 3.4.67
Linux kernel 3.4.29
Linux kernel 3.4
Linux kernel 3.3
Linux kernel 3.2.81
Linux kernel 3.2.78
Linux kernel 3.2.65
Linux kernel 3.2.64
Linux kernel 3.2.63
Linux kernel 3.2.60
Linux kernel 3.2.55
Linux kernel 3.2.54
Linux kernel 3.2.53
Linux kernel 3.2.52
Linux kernel 3.2.50
Linux kernel 3.2.44
Linux kernel 3.2.42
Linux kernel 3.2.38
Linux kernel 3.2.2
Linux kernel 3.2
Google Android 0
Not Vulnerable: Linux kernel 4.18.16
Linux kernel 4.14.78
Linux kernel 4.9.135
Linux kernel 4.19
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- Linux kernel Homepage (kernel.org)
- Change Log 4.14.78 (CDN Kernel)
- Change Log 4.18.16 (CDN Kernel)
- Change Log 4.9.135 (CDN Kernel)
- Linux: mremap() TLB flush too late with concurrent ftruncate() (Chromium)