CVE-2018-7755

NameCVE-2018-7755
DescriptionAn issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1529-1, DLA-1531-1, DSA-4308-1
NVD severitylow (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)jessie3.16.56-1+deb8u1vulnerable
jessie (security)3.16.59-1fixed
stretch4.9.110-1vulnerable
stretch (security)4.9.110-3+deb9u6fixed
buster, sid4.18.10-2fixed
linux-4.9 (PTS)jessie (security)4.9.110-3+deb9u5~deb8u1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsource(unstable)4.18.10-1low
linuxsourcejessie3.16.59-1lowDLA-1529-1
linuxsourcestretch4.9.110-3+deb9u5lowDSA-4308-1
linux-4.9sourcejessie(unfixed)low

Notes

https://lkml.org/lkml/2018/5/29/495

Search for package or bug name: Reporting problems