CVE-2018-1000199
Last modified
CVE-2018-1000199 is a vulnerability of currently unknown severity. The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. EPSS estimates a 1.22% chance of exploitation in the next 30 days.
Description
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 7.0 |
| Debian | Debian Linux | 8.0 |
| Debian | Debian Linux | 9.0 |
| Linux | Linux Kernel | 3.18 |
| Canonical | Ubuntu Linux | 12.04 |
| Canonical | Ubuntu Linux | 14.04 |
| Canonical | Ubuntu Linux | 16.04 |
| Canonical | Ubuntu Linux | 17.10 |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux | 7.2 |
| Redhat | Enterprise Linux | 7.3 |
| Redhat | Enterprise Linux | 7.4 |
| Redhat | Enterprise Linux | 7.5 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.2 |
| Redhat | Enterprise Linux Server Aus | 7.3 |
| Redhat | Enterprise Linux Server Aus | 7.4 |
| Redhat | Enterprise Linux Server Eus | 7.3 |
| Redhat | Enterprise Linux Server Eus | 7.4 |
| Redhat | Enterprise Linux Server Eus | 7.5 |
| Redhat | Enterprise Linux Server Tus | 7.2 |
| Redhat | Enterprise Linux Workstation | 7.0 |
References
- http://www.securitytracker.com/id/1040806Third Party Advisory, VDB Entry
- https://access.redhat.com/errata/RHSA-2018:1318Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1345Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1347Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1348Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1354Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1355Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1374Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlThird Party Advisory
- https://lkml.org/lkml/2018/4/6/813Mailing List, Patch, Third Party Advisory
- https://usn.ubuntu.com/3641-1/Third Party Advisory
- https://usn.ubuntu.com/3641-2/Third Party Advisory
- https://www.debian.org/security/2018/dsa-4187Third Party Advisory
- https://www.debian.org/security/2018/dsa-4188Third Party Advisory
- http://www.securitytracker.com/id/1040806Third Party Advisory, VDB Entry
- https://access.redhat.com/errata/RHSA-2018:1318Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1345Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1347Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1348Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1354Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1355Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1374Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlThird Party Advisory
- https://lkml.org/lkml/2018/4/6/813Mailing List, Patch, Third Party Advisory
- https://usn.ubuntu.com/3641-1/Third Party Advisory
- https://usn.ubuntu.com/3641-2/Third Party Advisory
- https://www.debian.org/security/2018/dsa-4187Third Party Advisory
- https://www.debian.org/security/2018/dsa-4188Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-1000199?
How severe is CVE-2018-1000199?
How do I fix CVE-2018-1000199?
Are you affected by CVE-2018-1000199?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST