CVE-2018-7273

MEDIUM

Linux Kernel < 4.15.4 - Kernel Address Exposure via Floppy Driver Printk

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-7273. PoCs published by Gregory Draperi, jedai47.

AI-analyzed exploit summary This exploit targets a vulnerability in the Linux kernel's floppy driver (CVE-2018-7273) by sending a malformed FDRAWCMD ioctl request to trigger a denial-of-service condition. The code opens /dev/fd0 and issues a recalibrate command with a crafted drive selector.

Description

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.

Exploits (2)

exploitdb WORKING POC
by Gregory Draperi · clocallinux
https://www.exploit-db.com/exploits/44325

This exploit targets a vulnerability in the Linux kernel's floppy driver (CVE-2018-7273) by sending a malformed FDRAWCMD ioctl request to trigger a denial-of-service condition. The code opens /dev/fd0 and issues a recalibrate command with a crafted drive selector.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Linux kernel (floppy driver) before 4.15.7
No auth needed
Prerequisites: Access to /dev/fd0 · Floppy drive module loaded
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by jedai47 · poc
https://github.com/jedai47/CVE-2018-7273

This PoC exploits CVE-2018-7273, a vulnerability in the Linux kernel's floppy driver. It sends a malformed FDRAWCMD ioctl request to trigger a denial-of-service condition by causing a kernel panic or crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Linux kernel (versions affected by CVE-2018-7273)
No auth needed
Prerequisites: Access to a system with a floppy drive (/dev/fd0) · Kernel vulnerable to CVE-2018-7273
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List, Third Party Advisory x_refsource_misc
https://lkml.org/lkml/2018/2/20/669
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44325/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/103088

Scores

CVSS v3 5.5
EPSS 0.0168
EPSS Percentile 82.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
linux/linux_kernel < 4.15.4
Published Feb 21, 2018
Tracked Since Feb 18, 2026