A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Linux Kernel Vulnerability

Linux Kernel Vulnerability

Advisory No: TZCERT/SA/2018/07/03

Date of First Release: 3rd July 2018 .

Source: Linux Kernel Organization, Cisco, Bugzilla et.c

Product Affected: Linux kernel prior to 4.16.6


A vulnerability has been reported in Linux kernel which could allow a local attacker to read out kernel memory leading to information disclosure of sensitive information.


This vulnerability exists in the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c of the Linux Kernel due to its failure to handle incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl. A local attacker could exploit this vulnerability by executing a malicious input to the target system.


Successful exploitation of this vulnerability could allow the attacker to read kernel memory leading to disclosure of sensitive information.


Users and administrators are urged to apply appropriate updates and patches as mentioned in the following links:  Kernel 4.16.6 or later   and cdrom: information leak in cdrom_ioctl_media_changed()

Furthermore, system administrators are recommended to monitor their critical systems running on linux operating systems (OS) and ensure that only trusted and privileged users have access.


  1. https://tools.cisco.com/security/center/viewAlert.x?alertId=58170&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20cdrom_ioctl_media_changed%20Function%20Kernel%20Memory%20Read%20Vulnerability&vs_k=1
  2. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
  3. https://bugzilla.redhat.com/show_bug.cgi?id=1577408

Check Also

Critical Vulnerability in WordPress Bricks Plug-in (CVE-2024-25600)

Advisory No: TZCERT/SA/2024/02/22 Date of First Release: 22nd February 2024 Source: WordPress plugin Bricks Builder …