CVE-2018-19854 — MEDIUM (4.7)

Q: How severe is CVE-2018-19854?

CVE-2018-19854 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-19854?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.

Vulnerability Description

An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).

CVSS Score

4.7

MEDIUM

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	< 4.19.3
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-200

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39PatchVendor Advisory
https://access.redhat.com/errata/RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3517
https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f08PatchThird Party Advisory
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3Vendor Advisory
https://usn.ubuntu.com/3872-1/Third Party Advisory
https://usn.ubuntu.com/3878-1/Third Party Advisory
https://usn.ubuntu.com/3878-2/Third Party Advisory
https://usn.ubuntu.com/3901-1/Third Party Advisory
https://usn.ubuntu.com/3901-2/Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39PatchVendor Advisory
https://access.redhat.com/errata/RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3517
https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f08PatchThird Party Advisory
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3Vendor Advisory

FAQ

What is CVE-2018-19854?

CVE-2018-19854 is a vulnerability with a CVSS score of 4.7 (MEDIUM). An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that...

How severe is CVE-2018-19854?

CVE-2018-19854 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-19854?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.