Vladis Dronov
2018-10-04 09:14:42 UTC
Hello,
A missing address check in the callers of show_opcodes() in the Linux kernel
allows an attacker to dump the kernel memory at an arbitrary kernel address into
the dmesg log. This affects the upstream Linux kernel as it was introduced by
ba54d856a9d8 and 7cccf0725cf7, both since v4.18-rc1 and fixed by 342db04ae712
since v4.19-rc2.
CVE-2018-14656 was assigned to this flaw; I would suggest using it in public
communications regarding this flaw.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1629940
https://bugs.chromium.org/p/project-zero/issues/detail?id=1650
https://lore.kernel.org/lkml/20180828154901.112726-1-***@google.com/T/
An upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4
Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer