CVE-2018-1118

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

Published: May 11, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-1118
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200
CWE-665

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	4.8	4.18
debian / debian_linux	8.0	8.0.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	18.04	18.04.x
redhat / enterprise_linux_desktop	7.0	7.0.x
redhat / enterprise_linux_workstation	7.0	7.0.x
redhat / enterprise_linux_server	7.0	7.0.x
redhat / virtualization_host	4.0	4.0.x

https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1118
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://usn.ubuntu.com/3762-1/
https://usn.ubuntu.com/3762-2/

Vulnerability Database

CVE-2018-1118