CVE-2018-1091
27.03.2018, 21:29
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.Enginsight
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 ≤ 4.13.4 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||
|---|---|---|---|---|---|---|---|
| linux |
| ||||||
| linux-aws |
| ||||||
| linux-azure |
| ||||||
| linux-euclid |
| ||||||
| linux-flo |
| ||||||
| linux-gcp |
| ||||||
| linux-gke |
| ||||||
| linux-goldfish |
| ||||||
| linux-grouper |
| ||||||
| linux-hwe |
| ||||||
| linux-hwe-edge |
| ||||||
| linux-kvm |
| ||||||
| linux-lts-trusty |
| ||||||
| linux-lts-utopic |
| ||||||
| linux-lts-vivid |
| ||||||
| linux-lts-wily |
| ||||||
| linux-lts-xenial |
| ||||||
| linux-maguro |
| ||||||
| linux-mako |
| ||||||
| linux-manta |
| ||||||
| linux-oem |
| ||||||
| linux-raspi2 |
| ||||||
| linux-snapdragon |
|
Common Weakness Enumeration
- CWE-391 - Unchecked Error Condition[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
References