Early Access — Mondoo Vulnerability Intelligence is currently in preview.
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
4.15.0-1023.24~14.04.14.11.0-1009.94.11.0-1011.114.11.0-1013.134.11.0-1014.144.11.0-1015.154.11.0-1016.164.13.0-1005.74.13.0-1006.84.13.0-1007.94.13.0-1009.12+5 more4.15.0-1013.13~16.04.24.10.0-1004.44.10.0-1006.64.10.0-1007.74.10.0-1008.84.10.0-1009.94.13.0-1002.54.13.0-1006.94.13.0-1007.104.13.0-1008.114.13.0-1011.15+5 more4.15.0-1014.14~16.04.14.10.0-27.30~16.04.24.10.0-28.32~16.04.24.10.0-30.34~16.04.14.10.0-32.36~16.04.14.10.0-33.37~16.04.14.10.0-35.39~16.04.14.10.0-37.41~16.04.14.10.0-38.42~16.04.14.10.0-40.44~16.04.14.10.0-42.46~16.04.1+24 more4.15.0-24.26~16.04.1Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:LI:NA:NCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N