CVE-2018-7755
Description
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.007
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3695-1) linux-image-aws_4.15.0.1011.11_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-gcp_4.15.0.1010.12_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-gke_4.15.0.1010.12_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-kvm_4.15.0.1012.12_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-oem_4.15.0.1009.11_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-azure_4.15.0.1014.14_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-1010-gcp_4.15.0-1010.10_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-1011-aws_4.15.0-1011.11_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-1012-kvm_4.15.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-1014-azure_4.15.0-1014.14_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-24-generic_4.15.0-24.26_i386.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-24-generic_4.15.0-24.26_amd64.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-24-lowlatency_4.15.0-24.26_i386.deb | Linux |
| Linux kernel (USN-3695-1) linux-image-4.15.0-24-lowlatency_4.15.0-24.26_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3695-2) linux-image-4.15.0-1014-azure_4.15.0-1014.14~16.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3695-2) linux-image-4.15.0-24-generic_4.15.0-24.26~16.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3695-2) linux-image-4.15.0-24-generic_4.15.0-24.26~16.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3695-2) linux-image-4.15.0-24-lowlatency_4.15.0-24.26~16.04.1_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-3695-2) linux-image-4.15.0-24-lowlatency_4.15.0-24.26~16.04.1_amd64.deb | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update bpftool-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-1062.el7.noarch.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-1062.el7.noarch.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update perf-3.10.0-1062.el7.x86_64.rpm | Linux |
| (RHSA-2019:2029) kernel security, bug fix, and enhancement update python-perf-3.10.0-1062.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.28.1.el6uek update (ELSA-2018-4300) dtrace-modules-3.8.13-118.28.1.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.28.1.el7uek update (ELSA-2018-4300) dtrace-modules-3.8.13-118.28.1.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.97.1.noarch.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.97.1.noarch.rpm | Linux |
| SUSE-SU-2022:1651-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.97.1.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-debuginfo-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debuginfo-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debugsource-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-debuginfo-4.12.14-122.121.2.x86_64.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-4.12.14-122.121.2.noarch.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-macros-4.12.14-122.121.2.noarch.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-4.12.14-122.121.2.noarch.rpm | Linux |
| SUSE-SU-2022:1686-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-4.12.14-122.121.2.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234