Public Date:
1661503: CVE-2018-16885 kernel: out-of-bound read in memcpy_fromiovecend()
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length. This can cause a read beyond the buffer boundaries flaw and, in certain cases, cause a memory access fault and a system halt by accessing invalid memory address.

Find out more about CVE-2018-16885 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 4.7
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2019:2043 2019-08-07
Red Hat Enterprise Linux 7 (kernel) RHSA-2019:2029 2019-08-06

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 kernel-rt Will not fix
Red Hat Enterprise Linux 8 kernel Not affected
Red Hat Enterprise Linux 8 kernel-rt Not affected
Red Hat Enterprise Linux 7 kernel-alt Not affected
Red Hat Enterprise Linux 6 kernel Will not fix
Red Hat Enterprise Linux 5 kernel Will not fix
Unless explicitly stated as not affected, all previous versions of packages in any minor update stream of a product listed here should be assumed vulnerable, although may not have been subject to full analysis.


This issue was discovered by Paolo Abeni (Red Hat).
Last Modified