[PATCH 0/1][T/X/B/C/D] CVE-2018-18710 - Information leak in cdrom driver
Tyler Hicks
tyhicks at canonical.com
Tue Nov 20 00:48:40 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-18710.html
An issue was discovered in the Linux kernel through 4.19. An information
leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by
local attackers to read kernel memory because a cast from unsigned long to
int interferes with bounds checking. This is similar to CVE-2018-10940 and
CVE-2018-16658.
Clean cherry pick all the way back to Trusty. I was unable to test this
specific line of code in the cdrom ioctl handler because I think it requires a
cdrom with multiple disc slots. However, the build logs are clean and the fix
is easy to review.
Tyler
More information about the kernel-team
mailing list