CVE-2018-12714

CRITICAL EPSS 91.6%
Published Jun 24, 2018 (8y ago) · Modified Jun 17, 2026 (2w ago)
9.8 CVSS 3.1
Critical

Description

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.

CVSS Details

Base Score: 9.8
Exploitability: 3.9
Impact: 5.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 91.6% percentile
Exploit & Patch Status: Public Exploit Known, Patch Available

Weaknesses 1

CWE-787: Out-of-bounds Write (Memory Safety)

Affected Products 1

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.17 – <4.17.4

References 5

  • git.kernel.org http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=81f9c4e4177d31ced6f52a89bb70e93bfb77ca03
    Vendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/104544
    Third Party Advisory, VDB Entry
  • bugzilla.kernel.org https://bugzilla.kernel.org/show_bug.cgi?id=200019
    Issue Tracking, Vendor Advisory
  • github.com https://github.com/lcytxw/bug_repro/tree/master/bug_200019
    Exploit, Third Party Advisory
  • github.com https://github.com/torvalds/linux/commit/81f9c4e4177d31ced6f52a89bb70e93bfb77ca03
    Patch, Third Party Advisory

Remediation

  • github.com https://github.com/torvalds/linux/commit/81f9c4e4177d31ced6f52a89bb70e93bfb77ca03
    Patch, Third Party Advisory