First published: Wed May 09 2018(Updated: )
Last updated 29 November 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <4.16.6 | |
Debian Debian Linux | =7.0 | |
redhat/kernel | <4.16.6 | 4.16.6 |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-10940 is a vulnerability in the Linux kernel that allows local attackers to read out kernel memory.
The severity of CVE-2018-10940 is categorized as low.
Local attackers can exploit CVE-2018-10940 by using an incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read kernel memory.
Linux kernel versions before 4.16.6 are affected by CVE-2018-10940.
You can find more information about CVE-2018-10940 in the references provided: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707, https://github.com/torvalds/linux/commit/9de4ee40547fd315d4a0ed1dd15a2fa3559ad707, and https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.6.