CVE-2018-20669
HIGHLinux Kernel < 4.14.185 - Memory Corruption via i915_gem_execbuffer2_ioctl
Title source: llmDescription
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
References (8)
Core 8
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106748
Release Notes, Vendor Advisory x_refsource_misc
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html
Exploit, Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/01/23/6
Third Party Advisory x_refsource_misc
https://access.redhat.com/security/cve/cve-2018-20669
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190404-0002/
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K32059550
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4485-1/
Scores
CVSS v3
7.8
EPSS
0.0008
EPSS Percentile
23.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (8)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
linux/linux_kernel
4.13 - 4.14.185
netapp/cn1610_firmware
netapp/hci_management_node
netapp/snapprotect
netapp/solidfire
Published
Mar 21, 2019
Tracked Since
Feb 18, 2026