vulnerability
CentOS Linux: CVE-2018-14625: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:S/C:C/I:C/A:C) | Sep 10, 2018 | Aug 28, 2019 | Jan 28, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Sep 10, 2018
Added
Aug 28, 2019
Modified
Jan 28, 2025
Description
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.
Solution(s)
centos-upgrade-kernelcentos-upgrade-kernel-rt
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.