CVE-2018-18281 in Androidinformation

Résumé (Anglaise)

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

12/10/2018

Divulgation

30/10/2018

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
130429	Google Android TLB élévation de privilèges	20	Non défini	Correctif officiel	CVE-2018-18281
126147	Linux Kernel mremap élévation de privilèges	20	Non défini	Correctif officiel	CVE-2018-18281

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

◂ PrécédentAperçuSuivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!