Red Hat Bugzilla – Bug 1573699
CVE-2018-1118 kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()
Last modified: 2018-05-11 02:42:48 EDT
The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
https://marc.info/?t=152484394400005&r=1&w=2 (and the next pages)
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1576187]
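The bug class described in the summary above, as an added userspace illustration (not kernel code and not taken from this bug report): a message struct is allocated without zeroing, only some fields are set, and the whole struct is copied across a trust boundary. `demo_msg`, `dirty_alloc`, `stale_bytes` and the 0xAA marker are hypothetical names and constructed values.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical layout, not the kernel's struct: padding follows `type`. */
struct demo_msg {
    uint8_t  type;
    uint64_t addr;
    uint8_t  payload[16];   /* only partly filled by the sender */
};

#define STALE 0xAA  /* constructed marker for leftover heap contents */

/* Stand-in for an allocator returning recycled, non-zeroed memory. */
static struct demo_msg *dirty_alloc(void)
{
    struct demo_msg *m = malloc(sizeof *m);
    if (m)
        memset(m, STALE, sizeof *m);
    return m;
}

/* Build a message, copy it out whole, and count stale bytes in the copy.
 * zero_first = 0 shows the bug class; 1 is the hardened form. */
static long stale_bytes(int zero_first)
{
    unsigned char out[sizeof(struct demo_msg)];
    long n = 0;
    struct demo_msg *m = dirty_alloc();
    if (!m)
        return -1;
    if (zero_first)
        memset(m, 0, sizeof *m);    /* clears padding and unused fields */
    m->type = 1;
    m->addr = 0x1000;
    memcpy(m->payload, "abcd", 4);  /* 12 payload bytes never written */
    memcpy(out, m, sizeof *m);      /* whole struct crosses the boundary */
    free(m);
    for (size_t i = 0; i < sizeof out; i++)
        n += (out[i] == STALE);
    return n;
}
int main(void)
{
    printf("stale bytes, unzeroed: %ld\n", stale_bytes(0));
    printf("stale bytes, zeroed:   %ld\n", stale_bytes(1));
    return 0;
}
```

Setting every named field is not enough: the unwritten tail of `payload` and the alignment padding still carry whatever the allocator left behind, which is why zeroing the whole object before filling it is the usual remedy.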