Local File Access Vulnerability in Ubuntu Linux Kernel
CVE-2018-6559

3.3LOW

Key Information:

Vendor

Canonical Ltd.

Status
Linux Kernel, As Used In Ubuntu 18.04 Lts And Ubuntu 18.10
Vendor
CVE Published:
18 October 2018

What is CVE-2018-6559?

A vulnerability in the Linux kernel, prevalent in specific Ubuntu distributions, enables local users to access filenames in restricted directories when utilizing an overlayfs mount within a user namespace. This flaw could potentially lead to sensitive information disclosure, impacting system confidentiality and user privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10 4.15.0-38.41

Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10 4.18.0-10.11

References

http://www.securityfocus.com/bid/105752
vdb-entryx_refsource_BID
https://usn.ubuntu.com/3836-2/
vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/3835-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Philipp Wendler
JSON
.