Security Advisory

CVE-2018-20511

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-12-27 14:00:00
Last updated 2024-08-05 12:05:16
Assigner mitre
State PUBLISHED

Description

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.