2.1
CVSSv2

CVE-2018-1118

Published: 10/05/2018 Updated: 09/10/2019
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

Vulnerability Trend

Affected Products

Vendor Product Versions
RedhatVirtualization Host4.0
RedhatEnterprise Linux Desktop7.0
RedhatEnterprise Linux Server7.0
RedhatEnterprise Linux Workstation7.0
CanonicalUbuntu Linux16.04, 18.04
DebianDebian Linux8.0
LinuxLinux Kernel4.8, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.8.6, 4.8.7, 4.8.8, 4.8.9, 4.8.10, 4.8.11, 4.8.12, 4.8.13, 4.8.14, 4.8.15, 4.8.16, 4.8.17, 4.9, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 4.9.12, 4.9.13, 4.9.14, 4.9.15, 4.9.16, 4.9.17, 4.9.18, 4.9.19, 4.9.20, 4.9.21, 4.9.22, 4.9.23, 4.9.24, 4.9.25, 4.9.26, 4.9.27, 4.9.28, 4.9.29, 4.9.30, 4.9.31, 4.9.32, 4.9.33, 4.9.34, 4.9.35, 4.9.36, 4.9.37, 4.9.38, 4.9.39, 4.9.40, 4.9.41, 4.9.42, 4.9.43, 4.9.44, 4.9.45, 4.9.46, 4.9.47, 4.9.48, 4.9.49, 4.9.50, 4.9.51, 4.9.52, 4.9.53, 4.9.54, 4.9.55, 4.9.56, 4.9.57, 4.9.58, 4.9.59, 4.9.60, 4.9.61, 4.9.62, 4.9.63, 4.9.64, 4.9.65, 4.9.66, 4.9.67, 4.9.68, 4.9.69, 4.9.70, 4.9.71, 4.9.72, 4.9.73, 4.9.74, 4.9.75, 4.9.76, 4.9.77, 4.9.78, 4.9.79, 4.9.80, 4.9.81, 4.9.82, 4.9.83, 4.9.84, 4.9.85, 4.9.86, 4.9.87, 4.9.88, 4.9.89, 4.9.90, 4.9.91, 4.9.92, 4.9.93, 4.9.94, 4.9.95, 4.9.96, 4.9.97, 4.9.98, 4.9.99, 4.9.100, 4.9.101, 4.9.102, 4.9.103, 4.9.104, 4.9.105, 4.9.106, 4.9.107, 4.9.108, 4.9.109, 4.9.110, 4.9.111, 4.9.112, 4.9.113, 4.9.114, 4.9.115, 4.9.116, 4.9.117, 4.9.118, 4.9.119, 4.9.120, 4.9.121, 4.9.122, 4.9.123, 4.9.124, 4.9.125, 4.9.126, 4.9.127, 4.9.128, 4.9.129, 4.9.130, 4.9.131, 4.9.132, 4.9.133, 4.9.134, 4.9.135, 4.9.136, 4.9.137, 4.9.138, 4.9.139, 4.9.140, 4.9.141, 4.9.142, 4.9.143, 4.9.144, 4.9.145, 4.9.146, 4.9.147, 4.9.148, 4.9.149, 4.9.150, 4.9.151, 4.9.152, 4.9.153, 4.9.154, 4.9.155, 4.9.156, 4.9.157, 4.9.158, 4.9.159, 4.9.160, 4.9.161, 4.9.162, 4.9.163, 4.9.164, 4.9.165, 4.9.166, 4.9.167, 4.9.168, 4.9.169, 4.9.170, 4.9.171, 4.9.172, 4.9.173, 4.9.174, 4.9.175, 4.9.176, 4.9.177, 4.9.178, 4.9.179, 4.9.180, 4.9.181, 4.9.182, 4.9.183, 4.9.184, 4.9.185, 4.9.186, 4.9.187, 4.9.188, 4.9.189, 4.9.190, 4.10, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.5, 4.10.6, 4.10.7, 4.10.8, 4.10.9, 4.10.10, 4.10.11, 4.10.12, 4.10.13, 4.10.14, 4.10.15, 4.10.16, 4.10.17, 4.11, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.11.7, 4.11.8, 4.11.9, 4.11.10, 4.11.11, 4.11.12, 4.12, 4.12.1, 4.12.2, 4.12.3, 4.12.4, 4.12.5, 4.12.6, 4.12.7, 4.12.8, 4.12.9, 4.12.10, 4.12.11, 4.12.12, 4.12.13, 4.12.14, 4.13, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.13.8, 4.13.9, 4.13.10, 4.13.11, 4.13.12, 4.13.13, 4.13.14, 4.13.15, 4.13.16, 4.14, 4.14.1, 4.14.2, 4.14.3, 4.14.4, 4.14.5, 4.14.6, 4.14.7, 4.14.8, 4.14.9, 4.14.10, 4.14.11, 4.14.12, 4.14.13, 4.14.14, 4.14.15, 4.14.16, 4.14.17, 4.14.18, 4.14.19, 4.14.20, 4.14.21, 4.14.22, 4.14.23, 4.14.24, 4.14.25, 4.14.26, 4.14.27, 4.14.28, 4.14.29, 4.14.30, 4.14.31, 4.14.32, 4.14.33, 4.14.34, 4.14.35, 4.14.36, 4.14.37, 4.14.38, 4.14.39, 4.14.40, 4.14.41, 4.14.42, 4.14.43, 4.14.44, 4.14.45, 4.14.46, 4.14.47, 4.14.48, 4.14.49, 4.14.50, 4.14.51, 4.14.52, 4.14.53, 4.14.54, 4.14.55, 4.14.56, 4.14.57, 4.14.58, 4.14.59, 4.14.60, 4.14.61, 4.14.62, 4.14.63, 4.14.64, 4.14.65, 4.14.66, 4.14.67, 4.14.68, 4.14.69, 4.14.70, 4.14.71, 4.14.72, 4.14.73, 4.14.74, 4.14.75, 4.14.76, 4.14.77, 4.14.78, 4.14.79, 4.14.80, 4.14.81, 4.14.82, 4.14.83, 4.14.84, 4.14.85, 4.14.86, 4.14.87, 4.14.88, 4.14.89, 4.14.90, 4.14.91, 4.14.92, 4.14.93, 4.14.94, 4.14.95, 4.14.96, 4.14.97, 4.14.98, 4.14.99, 4.14.100, 4.14.101, 4.14.102, 4.14.103, 4.14.104, 4.14.105, 4.14.106, 4.14.107, 4.14.108, 4.14.109, 4.14.110, 4.14.111, 4.14.112, 4.14.113, 4.14.114, 4.14.115, 4.14.116, 4.14.117, 4.14.118, 4.14.119, 4.14.120, 4.14.121, 4.14.122, 4.14.123, 4.14.124, 4.14.125, 4.14.126, 4.14.127, 4.14.128, 4.14.129, 4.14.130, 4.14.131, 4.14.132, 4.14.133, 4.14.134, 4.14.135, 4.14.136, 4.14.137, 4.14.138, 4.14.139, 4.14.140, 4.14.141, 4.15, 4.15.1, 4.15.2, 4.15.3, 4.15.4, 4.15.5, 4.15.6, 4.15.7, 4.15.8, 4.15.9, 4.15.10, 4.15.11, 4.15.12, 4.15.13, 4.15.14, 4.15.15, 4.15.16, 4.15.17, 4.15.18, 4.16, 4.16.1, 4.16.2, 4.16.3, 4.16.4, 4.16.5, 4.16.6, 4.16.7, 4.16.8, 4.16.9, 4.16.10, 4.16.11, 4.16.12, 4.16.13, 4.16.14, 4.16.15, 4.16.16, 4.16.17, 4.16.18, 4.17, 4.17.1, 4.17.2, 4.17.3, 4.17.4, 4.17.5, 4.17.6, 4.17.7, 4.17.8, 4.17.9

Vendor Advisories

Several security issues were fixed in the Linux kernel ...
The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhostc:vhost_new_msg() function This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...
Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Oracle Linux Bulletin - October 2018 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical ...

Github Repositories