Early Access — Mondoo Vulnerability Intelligence is currently in preview.
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:LI:NA:H6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H