CVE-2018-7273
N/A
N/A
Summary
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://lkml.org/lkml/2018/2/20/669
- https://www.exploit-db.com/exploits/44325/
- http://www.securityfocus.com/bid/103088
References
- https://lkml.org/lkml/2018/2/20/669
- https://www.exploit-db.com/exploits/44325/
- http://www.securityfocus.com/bid/103088
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.