Published: 29/01/2019 Updated: 19/07/2023

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 614

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 18.04
canonical ubuntu linux 18.10

Several security issues were fixed in the Linux kernel ...

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic Due to the nature of the flaw, privilege escalation cannot be fully rul ...

CWE-787 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880 http://www.securityfocus.com/bid/106735 https://usn.ubuntu.com/3903-2/https://usn.ubuntu.com/3903-1/https://support.f5.com/csp/article/K03593314 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html https://nvd.nist.gov https://usn.ubuntu.com/3903-2/https://access.redhat.com/security/cve/cve-2018-16880

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-16880

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect