{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-05-18T00:00:00", "datePublic": "2018-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-13T08:13:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-4187", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4187"}, {"name": "RHSA-2018:1347", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1347"}, {"name": "RHSA-2018:1348", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1348"}, {"name": "DSA-4188", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4188"}, {"name": "RHSA-2018:1354", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1354"}, {"name": "1040806", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040806"}, {"name": "RHSA-2018:1355", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1355"}, {"name": "RHSA-2018:1345", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1345"}, {"name": "RHSA-2018:1318", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1318"}, {"name": "RHSA-2018:1374", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1374"}, {"name": "[linux-kernel] 20180406 [PATCH 3.18 40/93] perf/hwbp: Simplify the perf-hwbp code, fix documentation", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lkml.org/lkml/2018/4/6/813"}, {"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"}, {"name": "USN-3641-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3641-2/"}, {"name": "USN-3641-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3641-1/"}, {"name": "openSUSE-SU-2020:0801", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-05-18T21:46:02.320084", "DATE_REQUESTED": "2018-04-17T08:55:55", "ID": "CVE-2018-1000199", "REQUESTER": "luto@kernel.org", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-4187", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4187"}, {"name": "RHSA-2018:1347", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1347"}, {"name": "RHSA-2018:1348", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1348"}, {"name": "DSA-4188", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4188"}, {"name": "RHSA-2018:1354", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1354"}, {"name": "1040806", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040806"}, {"name": "RHSA-2018:1355", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1355"}, {"name": "RHSA-2018:1345", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1345"}, {"name": "RHSA-2018:1318", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1318"}, {"name": "RHSA-2018:1374", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1374"}, {"name": "[linux-kernel] 20180406 [PATCH 3.18 40/93] perf/hwbp: Simplify the perf-hwbp code, fix documentation", "refsource": "MLIST", "url": "https://lkml.org/lkml/2018/4/6/813"}, {"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"}, {"name": "USN-3641-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3641-2/"}, {"name": "USN-3641-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3641-1/"}, {"name": "openSUSE-SU-2020:0801", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:40:46.875Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4187", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4187"}, {"name": "RHSA-2018:1347", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1347"}, {"name": "RHSA-2018:1348", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1348"}, {"name": "DSA-4188", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4188"}, {"name": "RHSA-2018:1354", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1354"}, {"name": "1040806", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040806"}, {"name": "RHSA-2018:1355", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1355"}, {"name": "RHSA-2018:1345", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1345"}, {"name": "RHSA-2018:1318", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1318"}, {"name": "RHSA-2018:1374", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1374"}, {"name": "[linux-kernel] 20180406 [PATCH 3.18 40/93] perf/hwbp: Simplify the perf-hwbp code, fix documentation", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lkml.org/lkml/2018/4/6/813"}, {"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"}, {"name": "USN-3641-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3641-2/"}, {"name": "USN-3641-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3641-1/"}, {"name": "openSUSE-SU-2020:0801", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000199", "datePublished": "2018-05-24T13:00:00", "dateReserved": "2018-04-17T00:00:00", "dateUpdated": "2024-08-05T12:40:46.875Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "364CAD86-F652-4B84-932A-A8D9146C9010", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f."}, {"lang": "es", "value": "El kernel de Linux en su versi\u00f3n 3.18 contiene una vulnerabilidad de funcionalidad peligrosa en modify_user_hw_breakpoint() que puede resultar en un cierre inesperado y en una posible corrupci\u00f3n de memoria. El ataque parece ser explotable mediante la ejecuci\u00f3n de c\u00f3digo local y la capacidad de usar ptrace. La vulnerabilidad parece haber sido solucionada en el commit git con ID f67b15037a7a50c57f72e69a6d59941ad90a0f0f."}], "id": "CVE-2018-1000199", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-24T13:29:01.290", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040806"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1318"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1345"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1347"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1348"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1354"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1355"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1374"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://lkml.org/lkml/2018/4/6/813"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3641-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3641-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4187"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4188"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Andy Lutomirski for reporting this issue.", "affected_release": [{"advisory": "RHSA-2018:1355", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-862.2.3.rt56.806.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1318", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-862.2.3.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1374", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-alt-0:4.14.0-49.2.2.el7a", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-05-14T00:00:00Z"}, {"advisory": "RHSA-2018:1347", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "kernel-0:3.10.0-327.66.3.el7", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1347", "cpe": "cpe:/o:redhat:rhel_tus:7.2", "package": "kernel-0:3.10.0-327.66.3.el7", "product_name": "Red Hat Enterprise Linux 7.2 Telco Extended Update Support", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1347", "cpe": "cpe:/o:redhat:rhel_e4s:7.2", "package": "kernel-0:3.10.0-327.66.3.el7", "product_name": "Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1348", "cpe": "cpe:/o:redhat:rhel_eus:7.3", "package": "kernel-0:3.10.0-514.48.3.el7", "product_name": "Red Hat Enterprise Linux 7.3 Extended Update Support", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1345", "cpe": "cpe:/o:redhat:rhel_eus:7.4", "package": "kernel-0:3.10.0-693.25.4.el7", "product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support", "release_date": "2018-05-08T00:00:00Z"}, {"advisory": "RHSA-2018:1354", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.25.4.rt56.613.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2018-05-08T00:00:00Z"}], "bugzilla": {"description": "kernel: ptrace() incorrect error handling leads to corruption and DoS", "id": "1568477", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568477"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-460", "details": ["The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.", "An address corruption flaw was discovered in the Linux kernel built with hardware breakpoint (CONFIG_HAVE_HW_BREAKPOINT) support. While modifying a h/w breakpoint via 'modify_user_hw_breakpoint' routine, an unprivileged user/process could use this flaw to crash the system kernel resulting in DoS OR to potentially escalate privileges on a the system."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue:\n1) Save the following script in a 'CVE-2018-1000199.stp' file.\n---\nprobe kernel.function(\"ptrace_set_debugreg\") {\nif ($n < 4)\n$n = 4; /* set invalid debug register #, returns -EIO */\n}\nprobe begin {\nprintk(0, \"CVE-2018-1000199 mitigation loaded\")\n}\nprobe end {\nprintk(0, \"CVE-2018-1000199 mitigation unloaded\")\n}\n---\n2) Install systemtap package and its dependencies\n# yum install -y systemtap systemtap-runtime\n# yum install -y kernel-devel kernel-debuginfo kernel-debuginfo-common\n3) Build the mitigation kernel module as root.\n# stap -r `uname -r` -m cve_2018_1000199.ko -g CVE-2018-1000199.stp -p4\n4) Load the mitigation module as root\n# staprun -L cve_2018_1000199.ko"}, "name": "CVE-2018-1000199", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1000199\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1000199"], "statement": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\nThis issue affects the version of the kernel package as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 may address this issue.", "threat_severity": "Important"}