 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2018-1118 |
| Description: | Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.1.2.2018.1423 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-1118 RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 USN-3762-1 https://usn.ubuntu.com/3762-1/ USN-3762-2 https://usn.ubuntu.com/3762-2/ [debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1118 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1118 |