An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.
3.13.0-162.2124.4.0-1032.354.15.0-1031.32~14.04.14.4.0-138.164~14.04.14.4.0-138.1644.4.0-1070.804.15.0-1031.32~16.04.14.15.0-1024.25~16.04.24.15.0-39.42~16.04.14.4.0-1036.42Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:LI:NA:HCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H