QwikSec

Security Database

CVE

CWE

Training

CVE-2018-17972

Published: Oct 3, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2019:1407

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

https://support.f5.com/csp/article/K27673650?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.