CVE-2018-20669
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Se ha descubierto un problema por el cual una dirección proporcionada con access_ok() no se comprueba en i915_gem_execbuffer2_ioctl en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el kernel de Linux hasta la versión 4.19.13. Un atacante local puede manipular una llamada de función IOCTL para sobrescribir memoria arbitraria del kernel, lo que resulta en una denegación de servicio (DoS) o el escalado de privilegios.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-03 CVE Reserved
- 2019-03-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html | Mailing List | |
http://www.securityfocus.com/bid/106748 | Broken Link | |
https://access.redhat.com/security/cve/cve-2018-20669 | Third Party Advisory | |
https://security.netapp.com/advisory/ntap-20190404-0002 | Third Party Advisory | |
https://support.f5.com/csp/article/K32059550 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2019/01/23/6 | 2024-08-05 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c | 2023-04-11 | |
https://usn.ubuntu.com/4485-1 | 2023-04-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Netapp Search vendor "Netapp" | Cn1610 Firmware Search vendor "Netapp" for product "Cn1610 Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | Cn1610 Search vendor "Netapp" for product "Cn1610" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 4.14.185 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 4.14.185" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.129" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.0" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
Netapp Search vendor "Netapp" | Hci Management Node Search vendor "Netapp" for product "Hci Management Node" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Snapprotect Search vendor "Netapp" for product "Snapprotect" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Solidfire Search vendor "Netapp" for product "Solidfire" | - | - |
Affected
|