
Linux Kernel Vulnerability

Advisory No: TZCERT/SA/2018/07/03

Date of First Release: 3rd July 2018

Source: Linux Kernel Organization, Cisco, Bugzilla, etc.

Product Affected: Linux kernel prior to 4.16.6

Overview:

A vulnerability has been reported in the Linux kernel which could allow a local attacker to read kernel memory, leading to disclosure of sensitive information.

Description:

This vulnerability exists in the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c of the Linux kernel and is due to an incorrect bounds check in the CDROM driver's handling of the CDROM_MEDIA_CHANGED ioctl. A local attacker could exploit this vulnerability by submitting malicious input to the target system.
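The following is an added illustration, not code from the advisory or from the kernel: a simplified userspace model of one way a bounds check on an ioctl argument can be incorrect, namely narrowing the argument before comparing it with a slot count, shown beside a full-width check. The function names, the slot count and the sample values are constructed, and the narrowing cast is an assumption made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_SLOTS 4                                         /* constructed slot count */
static const int model_changed[MODEL_SLOTS] = { 0, 1, 0, 1 }; /* constructed table */

/* Flawed shape (assumed for illustration): the argument is narrowed to
 * 32 bits before the comparison, so any value whose low 32 bits are
 * below the limit is accepted regardless of its high bits. */
static int check_narrowed(uint64_t arg, int capacity)
{
    if ((uint32_t)arg >= (uint32_t)capacity)
        return -EINVAL;
    return 0;
}

/* Corrected shape: compare at the argument's full width. */
static int check_full_width(uint64_t arg, int capacity)
{
    if (capacity < 0 || arg >= (uint64_t)capacity)
        return -EINVAL;
    return 0;
}

/* Guarded lookup: the table is indexed only after the full-width check. */
static int slot_changed(uint64_t arg)
{
    if (check_full_width(arg, MODEL_SLOTS) != 0)
        return -EINVAL;
    return model_changed[arg];
}

int main(void)
{
    const uint64_t samples[] = { 0, 3, 4, 0x100000001ULL };   /* constructed */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("arg=%#llx narrowed=%d full=%d lookup=%d\n",
               (unsigned long long)samples[i],
               check_narrowed(samples[i], MODEL_SLOTS),
               check_full_width(samples[i], MODEL_SLOTS),
               slot_changed(samples[i]));
    return 0;
}
```

When reviewing driver code, any cast applied to a user-supplied index inside the comparison that guards an array access deserves the same scrutiny as the comparison itself.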

Impact:

Successful exploitation of this vulnerability could allow the attacker to read kernel memory leading to disclosure of sensitive information.

Solution:

Users and administrators are urged to apply appropriate updates and patches as mentioned in the following links: "Kernel 4.16.6 or later" and "cdrom: information leak in cdrom_ioctl_media_changed()".

Furthermore, system administrators are recommended to monitor their critical systems running Linux operating systems (OS) and ensure that only trusted and privileged users have access.

References:

  1. https://tools.cisco.com/security/center/viewAlert.x?alertId=58170&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20cdrom_ioctl_media_changed%20Function%20Kernel%20Memory%20Read%20Vulnerability&vs_k=1
  2. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707
  3. https://bugzilla.redhat.com/show_bug.cgi?id=1577408
