Sensitive Address Information Disclosure in Linux Kernel's swiotlb_print_info Function

Sensitive Address Information Disclosure in Linux Kernel's swiotlb_print_info Function

CVE-2018-5953 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.