CVE-2018-16862 MEDIUM

CVE-2018-16862

Vendor [Unknown]

Product kernel:

Weakness CWE-200 · Info exposure

Published November 26, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Local

Attack complexity High

Privileges required None

User interaction Required

Confidentiality High

Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

What the vulnerability does

01Description

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

Key dates

02Disclosure timeline

November 26, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-16862 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

CVE-2018-16862

01Description

02Disclosure timeline

03References

04Related CVE