CVE-2018-16658
Description
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
EPSS Score
Exploitation Probability
0.014
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel for Microsoft Azure Cloud systems (USN-3762-2) linux-image-gcp_4.15.0.1024.38_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3762-2) linux-image-gke_4.15.0.1024.38_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-aws_4.4.0.1070.72_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-kvm_4.4.0.1036.35_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-generic_4.4.0.138.144_i386.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-generic_4.4.0.138.144_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-lowlatency_4.4.0.138.144_i386.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-lowlatency_4.4.0.138.144_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-1036-kvm_4.4.0-1036.42_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-1070-aws_4.4.0-1070.80_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-138-generic_4.4.0-138.164_i386.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-138-generic_4.4.0-138.164_amd64.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-138-lowlatency_4.4.0-138.164_i386.deb | Linux |
| Linux kernel (USN-3797-1) linux-image-4.4.0-138-lowlatency_4.4.0-138.164_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-aws_4.4.0.1032.32_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-4.4.0-1032-aws_4.4.0-1032.35_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-4.4.0-138-generic_4.4.0-138.164~14.04.1_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-4.4.0-138-generic_4.4.0-138.164~14.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-4.4.0-138-lowlatency_4.4.0-138.164~14.04.1_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS) systems (USN-3797-2) linux-image-4.4.0-138-lowlatency_4.4.0-138.164~14.04.1_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-1024-gcp_4.15.0-1024.25_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-1026-kvm_4.15.0-1026.26_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-1026-oem_4.15.0-1026.31_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-1027-aws_4.15.0-1027.27_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-1031-azure_4.15.0-1031.32_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-39-generic_4.15.0-39.42_i386.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-39-generic_4.15.0-39.42_amd64.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-39-lowlatency_4.15.0-39.42_i386.deb | Linux |
| Linux kernel (USN-3820-1) linux-image-4.15.0-39-lowlatency_4.15.0-39.42_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-gcp_4.15.0.1024.38_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-gke_4.15.0.1024.38_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-oem_4.15.0.39.62_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-1024-gcp_4.15.0-1024.25~16.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-1031-azure_4.15.0-1031.32~16.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-39-generic_4.15.0-39.42~16.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-39-generic_4.15.0-39.42~16.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-generic-hwe-16.04_4.15.0.39.62_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-generic-hwe-16.04_4.15.0.39.62_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-39-lowlatency_4.15.0-39.42~16.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-4.15.0-39-lowlatency_4.15.0-39.42~16.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-lowlatency-hwe-16.04_4.15.0.39.62_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-2) linux-image-lowlatency-hwe-16.04_4.15.0.39.62_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3820-3) linux-image-4.15.0-1031-azure_4.15.0-1031.32~14.04.1+signed1_amd64.deb | Linux |
| Linux kernel (USN-3822-1) linux-image-3.13.0-162-generic_3.13.0-162.212_i386.deb | Linux |
| Linux kernel (USN-3822-1) linux-image-3.13.0-162-generic_3.13.0-162.212_amd64.deb | Linux |
| Linux kernel (USN-3822-1) linux-image-3.13.0-162-lowlatency_3.13.0-162.212_i386.deb | Linux |
| Linux kernel (USN-3822-1) linux-image-3.13.0-162-lowlatency_3.13.0-162.212_amd64.deb | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update bpftool-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-1062.el7.noarch.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-1062.el7.noarch.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update perf-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update python-perf-3.10.0-1062.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.25.1.el6uek update (ELSA-2018-4245) dtrace-modules-3.8.13-118.25.1.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.25.1.el7uek update (ELSA-2018-4245) dtrace-modules-3.8.13-118.25.1.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.28.1.el6uek update (ELSA-2018-4300) dtrace-modules-3.8.13-118.28.1.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.28.1.el7uek update (ELSA-2018-4300) dtrace-modules-3.8.13-118.28.1.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-16658) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234