Bug 1636349 (CVE-2018-17972) - CVE-2018-17972 kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks
Summary: CVE-2018-17972 kernel: Unprivileged users able to inspect kernel stacks of ar...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-17972
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1642774 1636352 1636354 1636355 1638193 1638194 1638195 1638196 1638197 1642400 1642401 1687728
Blocks: 1636382
TreeView+ depends on / blocked
 
Reported: 2018-10-05 08:16 UTC by Andrej Nemec
Modified: 2021-02-16 22:58 UTC (History)
50 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.
Clone Of:
Environment:
Last Closed: 2019-06-10 10:39:16 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0512 0 None None None 2019-03-13 22:58:03 UTC
Red Hat Product Errata RHSA-2019:0514 0 None None None 2019-03-13 18:46:29 UTC
Red Hat Product Errata RHSA-2019:0831 0 None None None 2019-04-23 14:30:28 UTC
Red Hat Product Errata RHSA-2019:2473 0 None None None 2019-08-13 14:59:29 UTC

Description Andrej Nemec 2018-10-05 08:16:09 UTC 
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel .  An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root may inspect the kernel stack of an arbitrary task.

Upstream patch:

https://marc.info/?l=linux-fsdevel&m=153806242024956&w=2
Comment 1 Andrej Nemec 2018-10-05 08:18:16 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1636352]
Comment 6 Fedora Update System 2018-10-16 12:09:11 UTC 
kernel-4.18.13-100.fc27, kernel-headers-4.18.13-100.fc27, kernel-tools-4.18.13-100.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
Comment 11 errata-xmlrpc 2019-03-13 18:46:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:0514 https://access.redhat.com/errata/RHSA-2019:0514
Comment 12 errata-xmlrpc 2019-03-13 22:58:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:0512 https://access.redhat.com/errata/RHSA-2019:0512
Comment 13 errata-xmlrpc 2019-04-23 14:30:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:0831
Comment 14 errata-xmlrpc 2019-08-13 14:59:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2019:2473 https://access.redhat.com/errata/RHSA-2019:2473
Note You need to log in before you can comment on or make changes to this bug.