Wind River Support Network

HomeDefectsLIN10-4893

Fixed

LIN10-4893 : Security Advisory - linux - CVE-2018-18281

Created: Oct 31, 2018 Updated: Feb 2, 2019

Resolved Date: Nov 18, 2018

Found In Version: 10.17.41.1

Fix Version: 10.17.41.13

Severity: Standard

Applicable for: Wind River Linux LTS 17

Component/s: Kernel

Description

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.

https://nvd.nist.gov/vuln/detail/CVE-2018-18281

Other Downloads

Wind River Linux LTS 10.17.41.13
Wind River Linux LTS 10.17.41.14
Wind River Linux LTS 10.17.41.15
Wind River Linux LTS 10.17.41.16
Wind River Linux LTS 10.17.41.17
Wind River Linux LTS 10.17.41.18
Wind River Linux LTS 10.17.41.20
Wind River Linux LTS 10.17.41.21
Wind River Linux LTS 10.17.41.22
Wind River Linux LTS 10.17.41.23
Wind River Linux LTS 10.17.41.24
Wind River Linux LTS 10.17.41.25
Wind River Linux LTS 10.17.41.26
Wind River Linux LTS 10.17.41.27

CVEs

CVE-2018-18281