Main Vulnerability Database SB2018111514

SB2018111514 - Fedora 29 update for kernel, kernel-headers, kernel-tools

Published: November 15, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018111514

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2018-18710)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists in the cdrom_ioctl_select_disc function, as defined in the drivers/cdrom/cdrom.c source code file due to boundary error when processing of user-supplied input. A local attacker can access the system, execute an application that submits malicious input to read arbitrary kernel memory on the system, which could be used to conduct additional attacks.

Remediation

Install update from vendor's website.

References

https://bodhi.fedoraproject.org/updates/FEDORA-2018-f55c305488