CVE-2018-1166 — HIGH (7.8) — White Hats Nepal

Vulnerability Description

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984.

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Joyent	Smartos	20170803

Related Weaknesses (CWE)

CWE-20 CWE-416

References

https://help.joyent.com/hc/en-us/articles/360000124928Vendor Advisory
https://zerodayinitiative.com/advisories/ZDI-18-159Third Party AdvisoryVDB Entry
https://help.joyent.com/hc/en-us/articles/360000124928Vendor Advisory
https://zerodayinitiative.com/advisories/ZDI-18-159Third Party AdvisoryVDB Entry

FAQ

What is CVE-2018-1166?

CVE-2018-1166 is a vulnerability with a CVSS score of 7.8 (HIGH). This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute l...

How severe is CVE-2018-1166?

CVE-2018-1166 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-1166?

Check the references section above for vendor advisories and patch information. Affected products include: Joyent Smartos.