642
VMScore

CVE-2018-1068

Published: 16/03/2018 Updated: 14/05/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Affected Products

Vendor Product Versions
RedhatVirtualization Host4.0
RedhatEnterprise Linux Desktop7.0
RedhatEnterprise Linux Server7.0
RedhatEnterprise Linux Server Aus7.6
RedhatEnterprise Linux Server Eus7.5, 7.6
RedhatEnterprise Linux Server Tus7.6
RedhatEnterprise Linux Workstation7.0
CanonicalUbuntu Linux12.04, 14.04, 16.04, 17.10
DebianDebian Linux7.0, 8.0, 9.0
LinuxLinux Kernel4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.1, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.10, 4.1.11, 4.1.12, 4.1.13, 4.1.14, 4.1.15, 4.1.16, 4.1.17, 4.1.18, 4.1.19, 4.1.20, 4.1.21, 4.1.22, 4.1.23, 4.1.24, 4.1.25, 4.1.26, 4.1.27, 4.1.28, 4.1.29, 4.1.30, 4.1.31, 4.1.32, 4.1.33, 4.1.34, 4.1.35, 4.1.36, 4.1.37, 4.1.38, 4.1.39, 4.1.40, 4.1.41, 4.1.42, 4.1.43, 4.1.44, 4.1.45, 4.1.46, 4.1.47, 4.1.48, 4.1.49, 4.1.50, 4.1.51, 4.1.52, 4.2, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.3, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4.10, 4.4.11, 4.4.12, 4.4.13, 4.4.14, 4.4.15, 4.4.16, 4.4.17, 4.4.18, 4.4.19, 4.4.20, 4.4.21, 4.4.22, 4.4.23, 4.4.24, 4.4.25, 4.4.26, 4.4.27, 4.4.28, 4.4.29, 4.4.30, 4.4.31, 4.4.32, 4.4.33, 4.4.34, 4.4.35, 4.4.36, 4.4.37, 4.4.38, 4.4.39, 4.4.40, 4.4.41, 4.4.42, 4.4.43, 4.4.44, 4.4.45, 4.4.46, 4.4.47, 4.4.48, 4.4.49, 4.4.50, 4.4.51, 4.4.52, 4.4.53, 4.4.54, 4.4.55, 4.4.56, 4.4.57, 4.4.58, 4.4.59, 4.4.60, 4.4.61, 4.4.62, 4.4.63, 4.4.64, 4.4.65, 4.4.66, 4.4.67, 4.4.68, 4.4.69, 4.4.70, 4.4.71, 4.4.72, 4.4.73, 4.4.74, 4.4.75, 4.4.76, 4.4.77, 4.4.78, 4.4.79, 4.4.80, 4.4.81, 4.4.82, 4.4.83, 4.4.84, 4.4.85, 4.4.86, 4.4.87, 4.4.88, 4.4.89, 4.4.90, 4.4.91, 4.4.92, 4.4.93, 4.4.94, 4.4.95, 4.4.96, 4.4.97, 4.4.98, 4.4.99, 4.4.100, 4.4.101, 4.4.102, 4.4.103, 4.4.104, 4.4.105, 4.4.106, 4.4.107, 4.4.108, 4.4.109, 4.4.110, 4.4.111, 4.4.112, 4.4.113, 4.4.114, 4.4.115, 4.4.116, 4.4.117, 4.4.118, 4.4.119, 4.4.120, 4.4.121, 4.4.122, 4.4.123, 4.4.124, 4.4.125, 4.4.126, 4.4.127, 4.4.128, 4.4.129, 4.4.130, 4.4.131, 4.4.132, 4.4.133, 4.4.134, 4.4.135, 4.4.136, 4.4.137, 4.4.138, 4.4.139, 4.5, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, 4.5.6, 4.5.7, 4.6, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 4.6.6, 4.6.7, 4.7, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.7.10, 4.8, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.8.6, 4.8.7, 4.8.8, 4.8.9, 4.8.10, 4.8.11, 4.8.12, 4.8.13, 4.8.14, 4.8.15, 4.8.16, 4.8.17, 4.9, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 4.9.12, 4.9.13, 4.9.14, 4.9.15, 4.9.16, 4.9.17, 4.9.18, 4.9.19, 4.9.20, 4.9.21, 4.9.22, 4.9.23, 4.9.24, 4.9.25, 4.9.26, 4.9.27, 4.9.28, 4.9.29, 4.9.30, 4.9.31, 4.9.32, 4.9.33, 4.9.34, 4.9.35, 4.9.36, 4.9.37, 4.9.38, 4.9.39, 4.9.40, 4.9.41, 4.9.42, 4.9.43, 4.9.44, 4.9.45, 4.9.46, 4.9.47, 4.9.48, 4.9.49, 4.9.50, 4.9.51, 4.9.52, 4.9.53, 4.9.54, 4.9.55, 4.9.56, 4.9.57, 4.9.58, 4.9.59, 4.9.60, 4.9.61, 4.9.62, 4.9.63, 4.9.64, 4.9.65, 4.9.66, 4.9.67, 4.9.68, 4.9.69, 4.9.70, 4.9.71, 4.9.72, 4.9.73, 4.9.74, 4.9.75, 4.9.76, 4.9.77, 4.9.78, 4.9.79, 4.9.80, 4.9.81, 4.9.82, 4.9.83, 4.9.84, 4.9.85, 4.9.86, 4.9.87, 4.9.88, 4.9.89, 4.9.90, 4.9.91, 4.9.92, 4.9.93, 4.9.94, 4.9.95, 4.9.96, 4.9.97, 4.9.98, 4.9.99, 4.9.100, 4.9.101, 4.9.102, 4.9.103, 4.9.104, 4.9.105, 4.9.106, 4.9.107, 4.9.108, 4.9.109, 4.9.110, 4.9.111, 4.9.112, 4.9.113, 4.9.114, 4.9.115, 4.9.116, 4.9.117, 4.9.118, 4.9.119, 4.9.120, 4.9.121, 4.9.122, 4.9.123, 4.9.124, 4.9.125, 4.9.126, 4.9.127, 4.9.128, 4.9.129, 4.9.130, 4.9.131, 4.9.132, 4.9.133, 4.9.134, 4.9.135, 4.9.136, 4.9.137, 4.9.138, 4.9.139, 4.9.140, 4.9.141, 4.9.142, 4.9.143, 4.9.144, 4.10, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.5, 4.10.6, 4.10.7, 4.10.8, 4.10.9, 4.10.10, 4.10.11, 4.10.12, 4.10.13, 4.10.14, 4.10.15, 4.10.16, 4.10.17, 4.11, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.11.7, 4.11.8, 4.11.9, 4.11.10, 4.11.11, 4.11.12, 4.12, 4.12.1, 4.12.2, 4.12.3, 4.12.4, 4.12.5, 4.12.6, 4.12.7, 4.12.8, 4.12.9, 4.12.10, 4.12.11, 4.12.12, 4.12.13, 4.12.14, 4.13, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.13.8, 4.13.9, 4.13.10, 4.13.11, 4.13.12, 4.13.13, 4.13.14, 4.13.15, 4.13.16, 4.14, 4.14.1, 4.14.2, 4.14.3, 4.14.4, 4.14.5, 4.14.6, 4.14.7, 4.14.8, 4.14.9, 4.14.10, 4.14.11, 4.14.12, 4.14.13, 4.14.14, 4.14.15, 4.14.16, 4.14.17, 4.14.18, 4.14.19, 4.14.20, 4.14.21, 4.14.22, 4.14.23, 4.14.24, 4.14.25, 4.14.26, 4.14.27, 4.14.28, 4.14.29, 4.14.30, 4.14.31, 4.14.32, 4.14.33, 4.14.34, 4.14.35, 4.14.36, 4.14.37, 4.14.38, 4.14.39, 4.14.40, 4.14.41, 4.14.42, 4.14.43, 4.14.44, 4.14.45, 4.14.46, 4.14.47, 4.14.48, 4.14.49, 4.14.50, 4.14.51, 4.14.52, 4.14.53, 4.14.54, 4.14.67, 4.14.78, 4.14.81, 4.14.90, 4.15, 4.15.1, 4.15.2, 4.15.3, 4.15.4, 4.15.5, 4.15.6, 4.15.7, 4.15.8, 4.15.9, 4.15.10, 4.15.11, 4.15.12, 4.15.13, 4.15.14, 4.15.15, 4.15.16, 4.15.17, 4.15.18, 4.16

Vendor Advisories

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services ...
Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtablesc:A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging This allowed a privileged user to arbitrarily write to a limited range of kernel memory (CVE-2018-1068 ) ...
A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging This allowed a privileged user to arbitrarily write to a limited range of kernel memory ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtablesc:A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging This allowed a privileged user to arbitrarily write to a limited range of kernel memory (CVE-2018-1068 ) ...
Several security issues were fixed in the Linux kernel ...
Several security issues were addressed in the Linux kernel ...
Several security issues were addressed in the Linux kernel ...
A weakness was found in the Linux kernel's implementation of random seed data Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated (CVE-2018-1108 ) A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructio ...
Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Race condition in the store_int_with_restart() function in cpu/mcheck/mcec:A race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mcec in the Linux kernel allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/mach ...
A weakness was found in the Linux kernel's implementation of random seed data Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated (CVE-2018-1108 ) A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructio ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read mem ...
Oracle Linux Bulletin - April 2018 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical P ...
Oracle VM Server for x86 Bulletin - April 2018 Description The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin Oracle VM Server for x86 Bulletins are publi ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer (blk-mq) On a system with a driver using blk-mq (mtip32xx, null_blk, or virtio_blk), a local user might be able ...
Multiple security vulnerabilities have been identified and fixed in the IBM Security Privileged Identity Manager Appliance ...
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks ...

Github Repositories

rhel-centos-ec2-vuls Installation and execution scripts of the Vuls vulnerability scanner (vulsio) for RHEL/CentOS on AWS EC2 Description Vuls is an open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc Use these scripts to install Vuls and run vulnerability scans on your RHEL/CentOS instance on AWS EC2 Files instal

SMR-MAY-2018 Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process This SMR package includes patches from Google and Samsung Google patches include patches up to Android Security Bulletin - May 2018 package; and Android security patch level (SPL) of May 1, 2018 includes all of these patches T