Privilege Escalation Vulnerability in Linux Kernel 4.x
CVE-2018-1068

6.7MEDIUM

Key Information:

Vendor

Linux Kernel Organization, Inc.

Status
Linux Kernel
Vendor
CVE Published:
16 March 2018

What is CVE-2018-1068?

A vulnerability was identified in the 32-bit syscall interface of the Linux 4.x kernel, which enables a privileged user to write to arbitrary locations within a restricted range of kernel memory. This breach could lead to significant security risks if exploited, allowing for potential modifications to kernel behavior and unauthorized access to sensitive data.

Affected Version(s)

Linux Kernel 4.x

References

https://www.debian.org/security/2018/dsa-4187
vendor-advisoryx_refsource_DEBIAN
https://usn.ubuntu.com/3654-1/
vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/3674-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-1068 : Privilege Escalation Vulnerability in Linux Kernel 4.x