The userfaultfd implementation in the Linux kernel prior to 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server eus 7.4 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server tus 7.4 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux workstation 7.0 |
||
redhat openshift container platform 3.11 |
||
redhat virtualization host 4.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server eus 7.5 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 18.10 |
||
canonical ubuntu linux 14.04 |