MNBSD-2018-1: Insufficient validation in the ELF header parser

Severity: Unknown

Affected Package: kernel

Summary: Insufficient validation in the ELF header parser

Description

Insufficient validation was performed in the kernel ELF header parser, and malformed or otherwise invalid ELF binaries were not rejected as they should be. Execution of a malicious ELF binary by a local unprivileged user may result in a kernel crash or disclosure of kernel memory contents.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2018-6924

Published: September 12, 2018
Last Modified: September 12, 2018