CVE-2018-16880
Description
A flaw was found in the Linux kernels handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.
Risk Information
Base Score
7.0
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.099
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel for Microsoft Azure Cloud systems (USN-3878-2) linux-image-azure_4.18.0.1013.14_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-gcp_4.18.0.1007.7_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-gke_4.18.0.1007.7_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-kvm_4.18.0.1008.8_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-azure_4.18.0.1013.14_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-generic_4.18.0.16.17_i386.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-generic_4.18.0.16.17_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-lowlatency_4.18.0.16.17_i386.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-lowlatency_4.18.0.16.17_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-1007-gcp_4.18.0-1007.8_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-1008-kvm_4.18.0-1008.8_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-1013-azure_4.18.0-1013.13_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-16-generic_4.18.0-16.17_i386.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-16-generic_4.18.0-16.17_amd64.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-16-lowlatency_4.18.0-16.17_i386.deb | Linux |
| Linux kernel (USN-3903-1) linux-image-4.18.0-16-lowlatency_4.18.0-16.17_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-azure_4.18.0.1013.12_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-4.18.0-1013-azure_4.18.0-1013.13~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-4.18.0-16-generic_4.18.0-16.17~18.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-4.18.0-16-generic_4.18.0-16.17~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-generic-hwe-18.04_4.18.0.16.66_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-generic-hwe-18.04_4.18.0.16.66_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-4.18.0-16-lowlatency_4.18.0-16.17~18.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-4.18.0-16-lowlatency_4.18.0-16.17~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-lowlatency-hwe-18.04_4.18.0.16.66_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3903-2) linux-image-lowlatency-hwe-18.04_4.18.0.16.66_amd64.deb | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-debuginfo-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-debugsource-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-devel-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-devel-debuginfo-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-extra-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-default-extra-debuginfo-4.12.14-95.16.1.x86_64.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-devel-4.12.14-95.16.1.noarch.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-macros-4.12.14-95.16.1.noarch.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-source-4.12.14-95.16.1.noarch.rpm | Linux |
| SUSE-SU-2019:1241-1(SUSE Linux Enterprise Desktop 12-SP4 ) kernel-syms-4.12.14-95.16.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234