Home CVE Database CVE-2018-1118

CVE-2018-1118

Description

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

Priority: LOW
CVSS v3: 5.5
Publish Date: May 10, 2018
Related ID: --
CVSS v2: MEDIUM
Modified Date: May 10, 2018

Find out more about CVE-2018-1118 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online