First published: Mon Mar 05 2018
A flaw was found in the latest Linux kernel. An out-of-bounds write to kernel address space may be triggered via an uncontrolled, userland-provided offset in the ebt_entry struct in netfilter/ebtables.c.

References:
https://marc.info/?l=linux-netdev&m=152023808817590&w=2
https://marc.info/?l=linux-netdev&m=152025888924151&w=2

An upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6
https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.2.102 | |
Linux Linux kernel | >=3.3<3.16.57 | |
Linux Linux kernel | >=3.17<3.18.100 | |
Linux Linux kernel | >=3.19<4.1.51 | |
Linux Linux kernel | >=4.2<4.4.122 | |
Linux Linux kernel | >=4.5<4.9.88 | |
Linux Linux kernel | >=4.10<4.14.27 | |
Linux Linux kernel | >=4.15<4.15.10 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =17.10 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Redhat Virtualization Host | =4.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Eus | =7.5 | |
Redhat Enterprise Linux Server Eus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Workstation | =7.0 | |
redhat/kernel | <3.10.0-862.1.1.el7 | 3.10.0-862.1.1.el7 |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.112-1 6.11.5-1 6.11.7-1 |
CVE-2018-1068
The severity of CVE-2018-1068 is high with a severity value of 7.
The affected software for CVE-2018-1068 includes Linux kernel versions 4.16~ and 3.13.0-151.201.
CVE-2018-1068 allows a privileged user to arbitrarily write to a limited range of kernel memory in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging.
Remedies are available for CVE-2018-1068, depending on the specific version and source of the Linux kernel.