CVE-2018-1171
HIGHJoyent SmartOS release-20170803-20170803T064301Z - Out-of-bounds Write in DTrace DOF Files
Title source: llmDescription
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
https://help.joyent.com/hc/en-us/articles/360000608188
Patch, Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041303
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104799
Third Party Advisory, VDB Entry x_refsource_misc
https://zerodayinitiative.com/advisories/ZDI-18-236
Scores
CVSS v3
7.0
EPSS
0.0045
EPSS Percentile
36.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (3)
joyent/smartos
20170803-20170803t064301z
oracle/solaris
10
oracle/solaris
11.3
Published
Mar 19, 2018
Tracked Since
Feb 18, 2026