Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 17 Oct 2018 20:36:24 +0200
From: Jann Horn <>
Subject: Linux kernel: BPF verifier bug leads to out-of-bounds access
 (CVE-2018-18445; 4.14.9-4.14.74; 4.15-4.18.12)

NOTE: I have requested a CVE identifier, and I'm sending this message,
to make tracking of the fix easier; however, to avoid missing security
fixes without CVE identifiers, you should *NOT* be cherry-picking a
specific patch in response to a notification about a kernel security

In Linux kernel versions 4.14.9-4.14.74 and 4.15-4.18.12, faulty
computation of numeric bounds in the BPF verifier permits
out-of-bounds memory accesses because adjust_scalar_min_max_vals in
kernel/bpf/verifier.c mishandles 32-bit right shifts. 4.18.13 and
4.14.75 are fixed.

This is CVE-2018-18445.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.