CVE-2018-17972

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-17972

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-17972.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-17972

Downstream

DEBIAN-CVE-2018-17972

DLA-1715-1

DLA-1731-1

RHSA-2019:0512

RHSA-2019:0514

RHSA-2019:0831

RHSA-2019:2473

SUSE-SU-2019:14089-1

SUSE-SU-2019:1527-1

SUSE-SU-2019:1532-1

SUSE-SU-2019:1533-1

SUSE-SU-2019:1534-1

SUSE-SU-2019:1692-1

UBUNTU-CVE-2018-17972

USN-3821-1

USN-3821-2

USN-3871-1

USN-3871-3

USN-3871-4

USN-3871-5

USN-3880-1

Related

Published

2018-10-03T22:29:00Z

Modified

2025-08-09T20:01:26Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.

References

Affected packages