[PATCH 0/1][T/X/B/C/D] CVE-2018-18710 - Information leak in cdrom driver

Tyler Hicks tyhicks at canonical.com
Tue Nov 20 00:48:40 UTC 2018


 An issue was discovered in the Linux kernel through 4.19. An information
 leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by
 local attackers to read kernel memory because a cast from unsigned long to
 int interferes with bounds checking. This is similar to CVE-2018-10940 and

Clean cherry pick all the way back to Trusty. I was unable to test this
specific line of code in the cdrom ioctl handler because I think it requires a
cdrom with multiple disc slots. However, the build logs are clean and the fix
is easy to review.


More information about the kernel-team mailing list