CVE-2018-16862
Publication date 26 November 2018
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
From the Ubuntu Security Team
Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | ||
18.04 LTS bionic |
Fixed 4.15.0-58.64
|
|
16.04 LTS xenial |
Fixed 4.4.0-142.168
|
|
14.04 LTS trusty |
Not affected
|
|
linux-aws | ||
18.04 LTS bionic |
Fixed 4.15.0-1047.49
|
|
16.04 LTS xenial |
Fixed 4.4.0-1075.85
|
|
14.04 LTS trusty |
Fixed 4.4.0-1038.41
|
|
linux-aws-hwe | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial |
Fixed 4.15.0-1047.49~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-azure | ||
18.04 LTS bionic |
Fixed 5.0.0-1014.14~18.04.1
|
|
16.04 LTS xenial |
Fixed 4.15.0-1055.60
|
|
14.04 LTS trusty | Ignored | |
linux-azure-edge | ||
18.04 LTS bionic |
Fixed 5.0.0-1014.14~18.04.1
|
|
16.04 LTS xenial |
Fixed 4.15.0-1055.60
|
|
14.04 LTS trusty | Not in release | |
linux-euclid | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-flo | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-gcp | ||
18.04 LTS bionic |
Fixed 4.15.0-1040.42
|
|
16.04 LTS xenial |
Fixed 4.15.0-1040.42~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-gcp-edge | ||
18.04 LTS bionic |
Fixed 4.15.0-1040.42
|
|
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-gke | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-gke-4.15 | ||
18.04 LTS bionic |
Fixed 4.15.0-1040.42
|
|
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-gke-5.0 | ||
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-goldfish | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-grouper | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-hwe | ||
18.04 LTS bionic |
Fixed 5.0.0-23.24~18.04.1
|
|
16.04 LTS xenial |
Fixed 4.15.0-58.64~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-hwe-edge | ||
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Fixed 4.15.0-58.64~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-kvm | ||
18.04 LTS bionic |
Fixed 4.15.0-1042.42
|
|
16.04 LTS xenial |
Fixed 4.4.0-1040.46
|
|
14.04 LTS trusty | Not in release | |
linux-lts-trusty | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-utopic | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Ignored | |
linux-lts-vivid | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Ignored | |
linux-lts-wily | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Ignored | |
linux-lts-xenial | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty |
Fixed 4.4.0-142.168~14.04.1
|
|
linux-maguro | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-mako | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-manta | ||
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-oem | ||
18.04 LTS bionic |
Fixed 4.15.0-1050.57
|
|
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-oracle | ||
18.04 LTS bionic |
Fixed 4.15.0-1021.23
|
|
16.04 LTS xenial |
Fixed 4.15.0-1021.23~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-raspi2 | ||
18.04 LTS bionic |
Fixed 4.15.0-1043.46
|
|
16.04 LTS xenial |
Fixed 4.4.0-1103.111
|
|
14.04 LTS trusty | Not in release | |
linux-snapdragon | ||
18.04 LTS bionic |
Fixed 4.15.0-1060.66
|
|
16.04 LTS xenial |
Fixed 4.4.0-1107.112
|
|
14.04 LTS trusty | Not in release |
Notes
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.5 · Medium |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-4118-1
- Linux kernel (AWS) vulnerabilities
- 2 September 2019
- USN-4094-1
- Linux kernel vulnerabilities
- 13 August 2019
- USN-3879-1
- Linux kernel vulnerabilities
- 4 February 2019
- USN-3879-2
- Linux kernel (Xenial HWE) vulnerabilities
- 4 February 2019