CVE-2018-19333

Published: Nov 17, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://justi.cz/security/2018/11/14/gvisor-lpe.html

x_refsource_MISC

https://github.com/google/gvisor/commit/0e277a39c8b6f905e289b75e8ad0594e6b3562ca

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-19333

Description

Affected Products

References