#VU89840 Buffer overflow in Linux kernel
Vulnerability identifier: #VU89840
Vulnerability risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/225da02acdc97af01b6bc6ce1a3e5362bf01d3fb
http://git.kernel.org/stable/c/c826502bed93970f2fd488918a7b8d5f1d30e2e3
http://git.kernel.org/stable/c/edf7990baa48de5097daa9ac02e06cb4c798a737
http://git.kernel.org/stable/c/250051acc21f9d4c5c595e4fcb55986ea08c4691
http://git.kernel.org/stable/c/22079b3a423382335f47d9ed32114e6c9fe88d7c
http://git.kernel.org/stable/c/e89386f62ce9a9ab9a94835a9890883c23d9d52c
http://git.kernel.org/stable/c/281d464a34f540de166cee74b723e97ac2515ec3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
