DisplayLink DRM Driver Had A Local Privilege Escalation Vulnerability
CVE-2018-8781 was made public today as a new local privilege escalation vulnerability in the mainline Linux kernel that has been present since the Linux 3.4 kernel release six years ago.
The DisplayLink DRM driver's udl_fb_mmap function is prone to an integer overflow vulnerability that could allow local users on systems using the udldrmfb driver to obtain full read/write permissions on kernel physical pages, thereby allowing code execution in kernel space.
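As an added illustration (not the udl driver's source and not the upstream patch), this userspace C model shows how an mmap-style range check that adds two caller-controlled values can be defeated by integer overflow, next to a form that cannot wrap. The function names, `fb_len`, and the sample values are assumptions constructed for this example.

```c
#include <limits.h>
#include <stdio.h>

/* Userspace model of an mmap handler's range check. Hypothetical names:
 * fb_len stands in for the framebuffer length, offset and size for the
 * caller-supplied mapping offset and length. */

/* Overflow-prone form: offset + size can wrap past ULONG_MAX to a small
 * value, so an out-of-range request passes. Returns 1 when accepted. */
static int range_ok_wrapping(unsigned long offset, unsigned long size,
                             unsigned long fb_len)
{
    return !(offset + size > fb_len);
}

/* Hardened form: compare each value on its own and subtract only after
 * proving offset <= fb_len, so no intermediate result can wrap. */
static int range_ok_checked(unsigned long offset, unsigned long size,
                            unsigned long fb_len)
{
    if (offset > fb_len)
        return 0;
    return size <= fb_len - offset;
}

int main(void)
{
    /* Constructed sample values, not taken from the advisory. */
    const unsigned long fb_len = 0x300000UL;
    const unsigned long huge_offset = ULONG_MAX - 0xFFFUL;
    const unsigned long size = 0x2000UL;

    printf("in-range request:   wrapping=%d checked=%d\n",
           range_ok_wrapping(0x1000UL, size, fb_len),
           range_ok_checked(0x1000UL, size, fb_len));
    printf("huge-offset request: wrapping=%d checked=%d\n",
           range_ok_wrapping(huge_offset, size, fb_len),
           range_ok_checked(huge_offset, size, fb_len));
    return 0;
}
```
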
The good news is that a patch has been available since the end of March and has been backported to the various stable series. So if you are on the latest stable kernel releases or Git, you should be in good shape. The fix was mainlined at the end of March, has been present since 4.16-rc7, and has been backported as far back as the Linux 3.18 LTS kernel.
CVE-2018-8781 is outlined at nist.gov.
