
Rewterz Threat Advisory – CVE-2018-25020 – Linux Kernel Vulnerability

Severity

High

Analysis Summary

CVE-2018-25020

The Linux kernel is vulnerable to a buffer overflow caused by improper bounds checking in the BPF subsystem when there is a long jump over an instruction sequence. By executing a specially crafted program, a local attacker could overflow a buffer and execute arbitrary code or cause a denial-of-service condition on the system.

Impact

  • Buffer Overflow

Affected Vendors

Linux

Affected Products

  • Linux Kernel 4.16

Remediation

Upgrade to the latest version of the Linux kernel, available from the Linux kernel Git repository.

https://github.com/torvalds/linux/commit/050fad7c4534c13c8eb1d9c2ba66012e014773cb