UBUNTU-CVE-2018-5995

Advisory lineage Upstream: 1 Downstream: 1
Upstream
CVE-2018-5995
Downstream
USN-5343-1
Published: 07 Aug 2018, 18:29
Last modified:22 Apr 2026, 11:59

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

07 Aug 2018, 18:29
Published
Vulnerability first disclosed
22 Apr 2026, 11:59
Last Modified
Vulnerability information updated

Description

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

CVSS Metrics

  • v3.0MEDIUMScore: 5.5CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Systems

  • ubuntulinux

    all | < 4.4.0-222.255

  • ubuntulinux-aws

    < 4.4.0-1102.107 | < 4.4.0-1138.152

  • ubuntulinux-azure

    < 4.15.0-1013.13~16.04.2

  • ubuntulinux-gcp

    < 4.15.0-1014.14~16.04.1

  • ubuntulinux-hwe

    < 4.15.0-24.26~16.04.1

  • ubuntulinux-kvm

    < 4.4.0-1103.112

  • ubuntulinux-lts-xenial

    < 4.4.0-222.255~14.04.1

  • ubuntulinux-snapdragon

    < 4.15.0-1053.57

References (4)