Vulnerability Name:

CVE-2018-18653 (CCN-152066)

Assigned:2018-10-19
Published:2018-10-19
Updated:2019-10-03
Summary:The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with certain configuration options, leads to mishandling of the result of signature verification.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-347
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2018-18653

Source: CCN
Type: Launchpad Bug #1798863
18.10 kernel does not appear to validate kernel module signatures correctly

Source: XF
Type: UNKNOWN
linux-kernel-cve201818653-sec-bypass(152066)

Source: MISC
Type: Exploit, Issue Tracking, Vendor Advisory
https://launchpad.net/bugs/1798863

Source: UBUNTU
Type: Patch, Vendor Advisory
USN-3832-1

Source: UBUNTU
Type: Patch, Vendor Advisory
USN-3835-1

Source: CCN
Type: Linux kernel Web site
The Linux Kernel Archives

Source: CCN
Type: Ubuntu Web site
ubuntu

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-18653

Vulnerable Configuration:Configuration 1:
  • cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • AND
  • cpe:/o:canonical:ubuntu:18.10:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.bionic:def:2018186530000000
    V
    		CVE-2018-18653 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-10-26
    oval:com.ubuntu.xenial:def:2018186530000000
    V
    		CVE-2018-18653 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-10-26
    oval:com.ubuntu.bionic:def:201818653000
    V
    		CVE-2018-18653 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-10-25
    oval:com.ubuntu.cosmic:def:2018186530000000
    V
    		CVE-2018-18653 on Ubuntu 18.10 (cosmic) - medium.
    2018-10-25
    oval:com.ubuntu.cosmic:def:201818653000
    V
    		CVE-2018-18653 on Ubuntu 18.10 (cosmic) - medium.
    2018-10-25
    oval:com.ubuntu.trusty:def:201818653000
    V
    		CVE-2018-18653 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-10-25
    oval:com.ubuntu.xenial:def:201818653000
    V
    		CVE-2018-18653 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-10-25
    BACK
    canonical ubuntu linux 18.10
    linux linux kernel -
    canonical ubuntu 18.10