CVE-2018-19854
kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).
Se ha descubierto un problema en el kernel de Linux hasta antes de la versión 4.19.3. crypto_report_one() y otras funciones relacionadas en crypto/crypto_user.c (la API de configuración de usuarios crypto) no inicializan completamente las estructuras que se copian en el espacio de usuario, lo que podría filtrar memoria sensible a los programas del usuario. NOTA: esta es una regresión de CVE-2013-2547, pero con una explotabilidad más sencilla. Esto se deba a que el atacante no necesita una capacidad (sin embargo, el sistema debe tener la opción de kconfig CONFIG_CRYPTO_USER).
An issue was discovered in the Linux kernel in the crypto_report_one() and related functions in the crypto/crypto_user.c (the crypto user configuration API) which do not fully initialize structures that are copied to userspace, potentially leaking sensitive kernel memory content to a userspace.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-12-04 CVE Reserved
- 2018-12-04 CVE Published
- 2024-03-23 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (12)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:3309 | 2019-11-06 | |
| https://access.redhat.com/errata/RHSA-2019:3517 | 2019-11-06 | |
| https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3 | 2019-11-06 | |
| https://usn.ubuntu.com/3872-1 | 2019-11-06 | |
| https://usn.ubuntu.com/3878-1 | 2019-11-06 | |
| https://usn.ubuntu.com/3878-2 | 2019-11-06 | |
| https://usn.ubuntu.com/3901-1 | 2019-11-06 | |
| https://usn.ubuntu.com/3901-2 | 2019-11-06 | |
| https://access.redhat.com/security/cve/CVE-2018-19854 | 2019-11-05 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1656986 | 2019-11-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 4.19.3 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.3" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.10" | - |
Affected
| ||||||