Sensitive Address Information Disclosure in Linux Kernel

Sensitive Address Information Disclosure in Linux Kernel

CVE-2018-5995 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.