Memory Corruption

2019-01-1509:23:06

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

26.8%

JSON

kernel-rt is vulnerable to arbitrary code execution attacks. The vulnerability exists as the Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace.

CPENameOperatorVersion
kernel-rteq3.10.0__693.17.1.rt56.604.el6rt
kernel-rteq3.0.36__rt57.66.el6rt
kernel-rteq3.10.0__229.rt56.162.el6rt
kernel-rteq3.10.0__327.rt56.198.el6rt
kernel-rteq3.10.0__693.2.2.rt56.588.el6rt
kernel-rteq3.10.0__229.rt56.153.el6rt
kernel-rteq3.0.9__rt26.46.el6rt
kernel-rteq3.10.0__327.rt56.195.el6rt
kernel-rteq3.10.0__693.5.2.rt56.592.el6rt
kernel-rteq3.8.13__rt14.20.el6rt

Name	Operator	Version
kernel-rt	eq	3.10.0__693.17.1.rt56.604.el6rt
kernel-rt	eq	3.0.36__rt57.66.el6rt
kernel-rt	eq	3.10.0__229.rt56.162.el6rt
kernel-rt	eq	3.10.0__327.rt56.198.el6rt
kernel-rt	eq	3.10.0__693.2.2.rt56.588.el6rt
kernel-rt	eq	3.10.0__229.rt56.153.el6rt
kernel-rt	eq	3.0.9__rt26.46.el6rt
kernel-rt	eq	3.10.0__327.rt56.195.el6rt
kernel-rt	eq	3.10.0__693.5.2.rt56.592.el6rt
kernel-rt	eq	3.8.13__rt14.20.el6rt