CVE-2018-1000199

MEDIUM

Linux Kernel <3.18 - Memory Corruption

Title source: llm

Description

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

Exploits (1)

nomisec WORKING POC

by dsfau · poc

https://github.com/dsfau/CVE-2018-1000199

View Code ZIP pw:eip

References (15)

Core 15

Core References

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2018/dsa-4187

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1347

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1348

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2018/dsa-4188

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1354

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1040806

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1355

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1345

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1318

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2018:1374

Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist

https://lkml.org/lkml/2018/4/6/813

Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/3641-2/

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/3641-1/

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

Scores

CVSS v3 5.5

EPSS 0.0048

EPSS Percentile 65.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-119

Status published

Products (23)

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 17.10

debian/debian_linux 7.0

debian/debian_linux 8.0

debian/debian_linux 9.0

linux/linux_kernel 3.18

redhat/enterprise_linux 7.0

redhat/enterprise_linux 7.2

... and 13 more

Published May 24, 2018

Tracked Since Feb 18, 2026