Linux Kernel show_opcodes() Missing Address Validation Information Disclosure Vulnerability

By GIXnews

A vulnerability in the show_opcodes() function of the Linux Kernel could allow a local attacker to access sensitive information on a targeted system.

The vulnerability is due to improper validation when a missing address check occurs in the callers of the show_opcodes() function within the affected software. An attacker could exploit this vulnerability by using a malicious application to trigger a missing address check on a targeted system. A successful exploit could lead to a kernel memory dump being written to the dmesg log, allowing the attacker to access sensitive information. confirmed the vulnerability and released a software patch.

Security Impact Rating: Medium

CVE: CVE-2018-14656

Source:: Cisco Multivendor Vulnerability Alerts