QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-18281

Back to search

CVE-2018-18281

Published: Oct 30, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.

VendorProductVersions

n/a

n/a

affected
n/a

References

USN-3835-1
vendor-advisory
x_refsource_UBUNTU
USN-3880-1
vendor-advisory
x_refsource_UBUNTU
USN-3871-5
vendor-advisory
x_refsource_UBUNTU
USN-3871-4
vendor-advisory
x_refsource_UBUNTU
USN-3880-2
vendor-advisory
x_refsource_UBUNTU
USN-3832-1
vendor-advisory
x_refsource_UBUNTU
105761
vdb-entry
x_refsource_BID
USN-3871-1
vendor-advisory
x_refsource_UBUNTU
106503
vdb-entry
x_refsource_BID
USN-3871-3
vendor-advisory
x_refsource_UBUNTU
RHSA-2019:0831
vendor-advisory
x_refsource_REDHAT
RHSA-2019:2043
vendor-advisory
x_refsource_REDHAT
RHSA-2019:2029
vendor-advisory
x_refsource_REDHAT
RHSA-2020:0036
vendor-advisory
x_refsource_REDHAT
RHSA-2020:0100
vendor-advisory
x_refsource_REDHAT
RHSA-2020:0103
vendor-advisory
x_refsource_REDHAT
RHSA-2020:0179
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now