Advisory No: TZCERT/SA/2018/07/03
Date of First Release: 3rd July 2018 .
Source: Linux Kernel Organization, Cisco, Bugzilla et.c
Product Affected: Linux kernel prior to 4.16.6
Overview:
A vulnerability has been reported in Linux kernel which could allow a local attacker to read out kernel memory leading to information disclosure of sensitive information.
Description:
This vulnerability exists in the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c of the Linux Kernel due to its failure to handle incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl. A local attacker could exploit this vulnerability by executing a malicious input to the target system.
Impact:
Successful exploitation of this vulnerability could allow the attacker to read kernel memory leading to disclosure of sensitive information.
Solution:
Users and administrators are urged to apply appropriate updates and patches as mentioned in the following links: Kernel 4.16.6 or later and cdrom: information leak in cdrom_ioctl_media_changed()
Furthermore, system administrators are recommended to monitor their critical systems running on linux operating systems (OS) and ensure that only trusted and privileged users have access.
References:
- https://tools.cisco.com/security/center/viewAlert.x?alertId=58170&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20cdrom_ioctl_media_changed%20Function%20Kernel%20Memory%20Read%20Vulnerability&vs_k=1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
- https://bugzilla.redhat.com/show_bug.cgi?id=1577408