CVE-2018-1118

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.3 LOW
LOCAL
LOW
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.8 ≤
𝑥
< 4.18
debiandebian_linux
8.0
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
redhatvirtualization_host
4.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
jessie
not-affected
sid
6.11.5-1
fixed
trixie
6.11.5-1
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
artful
ignored
bionic
Fixed 4.15.0-34.37
released
cosmic
not-affected
trusty
not-affected
xenial
not-affected
linux-aws
artful
dne
bionic
Fixed 4.15.0-1021.21
released
cosmic
not-affected
trusty
not-affected
xenial
not-affected
linux-azure
artful
dne
bionic
Fixed 4.15.0-1023.24
released
cosmic
not-affected
trusty
not-affected
xenial
Fixed 4.15.0-1023.24~16.04.1
released
linux-azure-edge
bionic
not-affected
cosmic
dne
trusty
dne
xenial
Fixed 4.15.0-1023.24
released
linux-euclid
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
not-affected
linux-flo
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
ignored
linux-gcp
artful
dne
bionic
Fixed 4.15.0-1019.20
released
cosmic
not-affected
trusty
dne
xenial
Fixed 4.15.0-1019.20~16.04.1
released
linux-gke
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
ignored
linux-goldfish
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
ignored
linux-grouper
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-hwe
artful
dne
bionic
not-affected
cosmic
dne
trusty
dne
xenial
Fixed 4.15.0-34.37~16.04.1
released
linux-hwe-edge
artful
dne
bionic
not-affected
cosmic
dne
trusty
dne
xenial
Fixed 4.15.0-34.37~16.04.1
released
linux-kvm
artful
dne
bionic
Fixed 4.15.0-1021.21
released
cosmic
not-affected
trusty
dne
xenial
not-affected
linux-lts-trusty
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-lts-utopic
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-lts-vivid
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-lts-wily
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-lts-xenial
artful
dne
bionic
dne
cosmic
dne
trusty
not-affected
xenial
dne
linux-maguro
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-mako
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
ignored
linux-manta
artful
dne
bionic
dne
cosmic
dne
trusty
dne
xenial
dne
linux-oem
artful
dne
bionic
Fixed 4.15.0-1018.21
released
cosmic
not-affected
trusty
dne
xenial
ignored
linux-raspi2
artful
ignored
bionic
Fixed 4.15.0-1022.24
released
cosmic
not-affected
trusty
dne
xenial
not-affected
linux-snapdragon
artful
not-affected
bionic
not-affected
cosmic
dne
trusty
dne
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
kernel-azure
suse enterprise sap 15
4.12.14-5.8.1
fixed
suse enterprise server 15
4.12.14-5.8.1
fixed
kernel-azure-base
suse enterprise sap 15
4.12.14-5.8.1
fixed
suse enterprise sap 15 SP2
4.12.14-8.30.1
fixed
suse enterprise sap 15 SP3
4.12.14-8.58.1
fixed
suse enterprise server 15
4.12.14-5.8.1
fixed
suse enterprise server 15 SP2
4.12.14-8.30.1
fixed
suse enterprise server 15 SP3
4.12.14-8.58.1
fixed
kernel-default
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-default-base
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-default-man
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-docs
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-macros
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-obs-build
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-source
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-source-azure
suse enterprise sap 15
4.12.14-5.8.1
fixed
suse enterprise sap 15 SP2
4.12.14-5.8.1
fixed
suse enterprise sap 15 SP3
4.12.14-5.8.1
fixed
suse enterprise server 15
4.12.14-5.8.1
fixed
suse enterprise server 15 SP2
4.12.14-5.8.1
fixed
suse enterprise server 15 SP3
4.12.14-5.8.1
fixed
kernel-syms
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
kernel-syms-azure
suse enterprise sap 15
4.12.14-5.8.1
fixed
suse enterprise server 15
4.12.14-5.8.1
fixed
kernel-vanilla-base
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
kernel-zfcpdump
suse enterprise desktop 15
4.12.14-25.3.1
fixed
suse enterprise desktop 15 SP1
4.12.14-195.1
fixed
suse enterprise sap 15
4.12.14-25.3.1
fixed
suse enterprise sap 15 SP1
4.12.14-195.1
fixed
suse enterprise server 15
4.12.14-25.3.1
fixed
suse enterprise server 15 SP1
4.12.14-195.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bpftool
RHEL 7
0:3.10.0-957.el7
fixed
kernel
RHEL 7
0:3.10.0-957.el7
fixed
kernel-abi-whitelists
RHEL 7
0:3.10.0-957.el7
fixed
kernel-bootwrapper
RHEL 7
0:3.10.0-957.el7
fixed
kernel-debug
RHEL 7
0:3.10.0-957.el7
fixed
kernel-debug-devel
RHEL 7
0:3.10.0-957.el7
fixed
kernel-devel
RHEL 7
0:3.10.0-957.el7
fixed
kernel-doc
RHEL 7
0:3.10.0-957.el7
fixed
kernel-kdump
RHEL 7
0:3.10.0-957.el7
fixed
kernel-kdump-devel
RHEL 7
0:3.10.0-957.el7
fixed
kernel-rt
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-debug
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-debug-devel
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-debug-kvm
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-devel
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-doc
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-kvm
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-trace
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-trace-devel
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-rt-trace-kvm
RHEL 7
0:3.10.0-957.rt56.910.el7
fixed
kernel-tools
RHEL 7
0:3.10.0-957.el7
fixed
kernel-tools-libs
RHEL 7
0:3.10.0-957.el7
fixed
kernel-tools-libs-devel
RHEL 7
0:3.10.0-957.el7
fixed
perf
RHEL 7
0:3.10.0-957.el7
fixed
python-perf
RHEL 7
0:3.10.0-957.el7
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1118
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://usn.ubuntu.com/3762-1/
https://usn.ubuntu.com/3762-2/
https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1118
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://usn.ubuntu.com/3762-1/
https://usn.ubuntu.com/3762-2/