Missing Address Check in Linux Kernel Affects Kernel Memory Dumping
CVE-2018-14656

7HIGH

Key Information:

Vendor

[unknown]

Status
Kernel
Vendor
CVE Published:
8 October 2018

What is CVE-2018-14656?

A vulnerability in the Linux kernel arises from a missing address check in the show_opcodes() function. This oversight allows attackers to exploit the kernel by dumping sensitive kernel memory at arbitrary addresses into the dmesg log. Such an attack can lead to unauthorized information disclosure, posing significant security risks to affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

kernel

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041804
vdb-entryx_refsource_SECTRACK
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/...
x_refsource_CONFIRM

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.