Issue metadata
Sign in to add a comment
|
CVE-2018-1118: kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg() |
||||||||||||||||||||||||
Issue descriptionThe Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. Upstream post: https://lkml.org/lkml/2018/4/27/833
,
May 10 2018
,
May 10 2018
,
May 24 2018
groeck: Uh oh! This issue still open and hasn't been updated in the last 14 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers? If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one? If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 24 2018
Sorry, sheriffbot, the fix will have to wait for an upstream solution.
,
May 24 2018
,
May 29 2018
The submitted patch generated extensive bike shedding and does not seem to be going anywhere. Requested status update. CVE severity has still not been determined, but is likely going to be low. Adjusting severity/impact and target release. Will readjust as needed after severity has been published.
,
Jun 14 2018
Issue 852760 has been merged into this issue.
,
Jun 14 2018
,
Jun 21 2018
Upstream commit 670ae9caaca4 ("vhost: fix info leak due to uninitialized memory"). Not yet available in any stable release, but tagged for it.
,
Jul 19
Fixed in chromeos-4.14 with merge of v4.14.52.
,
Oct 26
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by groeck@chromium.org
, May 9 2018