Home

CVE-2018-8781

Description

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.101

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-3250-1) linux-image-generic_3.13.0.151.161_amd64.debLinux
Linux kernel (USN-3250-1) linux-image-lowlatency_3.13.0.151.161_amd64.debLinux
Linux kernel (USN-3620-1) linux-image-generic_3.13.0.151.161_i386.debLinux
Linux kernel (USN-3620-1) linux-image-lowlatency_3.13.0.151.161_i386.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3630-2) linux-image-generic-hwe-16.04_4.13.0.45.64_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3630-2) linux-image-generic-hwe-16.04_4.13.0.45.64_i386.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3630-2) linux-image-lowlatency-hwe-16.04_4.13.0.45.64_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3630-2) linux-image-lowlatency-hwe-16.04_4.13.0.45.64_i386.debLinux
Linux kernel (USN-3674-1) linux-image-3.13.0-151-generic_3.13.0-151.201_i386.debLinux
Linux kernel (USN-3674-1) linux-image-3.13.0-151-generic_3.13.0-151.201_amd64.debLinux
Linux kernel (USN-3674-1) linux-image-3.13.0-151-lowlatency_3.13.0-151.201_i386.debLinux
Linux kernel (USN-3674-1) linux-image-3.13.0-151-lowlatency_3.13.0-151.201_amd64.debLinux
Linux kernel (USN-3677-1) linux-image-generic_4.13.0.45.48_amd64.debLinux
Linux kernel (USN-3677-1) linux-image-lowlatency_4.13.0.45.48_amd64.debLinux
Linux kernel (USN-3677-1) linux-image-4.13.0-45-generic_4.13.0-45.50_i386.debLinux
Linux kernel (USN-3677-1) linux-image-4.13.0-45-generic_4.13.0-45.50_amd64.debLinux
Linux kernel (USN-3677-1) linux-image-4.13.0-45-lowlatency_4.13.0-45.50_i386.debLinux
Linux kernel (USN-3677-1) linux-image-4.13.0-45-lowlatency_4.13.0-45.50_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-1019-gcp_4.13.0-1019.23_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-1030-oem_4.13.0-1030.33_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-45-generic_4.13.0-45.50~16.04.1_i386.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-45-generic_4.13.0-45.50~16.04.1_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-45-lowlatency_4.13.0-45.50~16.04.1_i386.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3677-2) linux-image-4.13.0-45-lowlatency_4.13.0-45.50~16.04.1_amd64.debLinux
Dtrace-modules-3.8.13-118.22.1.el6uek update (ELSA-2018-4164) dtrace-modules-3.8.13-118.22.1.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.22.1.el7uek update (ELSA-2018-4164) dtrace-modules-3.8.13-118.22.1.el7uek-0.4.5-3.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234