Skip to content

Latest commit

 

History

History
52 lines (36 loc) · 1.22 KB

CVE-2018-5995.md

File metadata and controls

52 lines (36 loc) · 1.22 KB

[Suggested description] The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.


[VulnerabilityType Other] local Information Disclosure


[Vendor of Product] linux kernel


[Affected Product Code Base] linux kernel - >=v2.6.32-rc1


[Affected Component] source file : mm/percpu.c function: int __init pcpu_embed_first_chunk { ... pr_info("PERCPU: Embedded %zu pages/cpu @%p s%zu r%zu d%zu u%zu\n", PFN_DOWN(size_sum), base, ai->static_size, ai->reserved_size, ai->dyn_size, ai->unit_size); }


[Attack Type] Local


[Impact Information Disclosure] true


[Attack Vectors] dmesg | grep "pages/cpu" //we can get a kernel obj address 0.000000] percpu: Embedded 46 pages/cpu @ffff99c9aec00000 s149784 r8192 d30440 u524288


[Discoverer] ADLab of VenusTech