ALT-PU-2018-1512-1
Package kernel-image-un-def updated to version 4.14.31-alt1 for branch sisyphus in task 203145.
Closed vulnerabilities
Published: 2018-04-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-8781
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- RHSA-2018:2948
- RHSA-2018:2948
- RHSA-2018:3083
- RHSA-2018:3083
- RHSA-2018:3096
- RHSA-2018:3096
- [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update
- [debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update
- https://patchwork.freedesktop.org/patch/211845/
- https://patchwork.freedesktop.org/patch/211845/
- https://research.checkpoint.com/mmap-vulnerabilities-linux-kernel/
- https://research.checkpoint.com/mmap-vulnerabilities-linux-kernel/
- USN-3654-1
- USN-3654-1
- USN-3654-2
- USN-3654-2
- USN-3656-1
- USN-3656-1
- USN-3674-1
- USN-3674-1
- USN-3674-2
- USN-3674-2
- USN-3677-1
- USN-3677-1
- USN-3677-2
- USN-3677-2
- DSA-4187
- DSA-4187
- DSA-4188
- DSA-4188