Bug 1084755 (CVE-2018-7995)

Summary: VUL-0: CVE-2018-7995: kernel: Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic)
Product: [Novell Products] SUSE Security Incidents Reporter: Karol Babioch <karol>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED INVALID QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: bpetkov, meissner, smash_bz, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/201551/
Whiteboard: CVSSv3:SUSE:CVE-2018-7995:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Karol Babioch 2018-03-09 19:11:32 UTC
CVE-2018-7995

Race condition in the store_int_with_restart() function in
arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local
users to cause a denial of service (panic) by leveraging root access to write to
/sys/devices/system/machinecheck/machinecheck<cpu number> (aka the
check_interval file)

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7995
https://lkml.org/lkml/2018/3/2/970
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf
Comment 3 Marcus Meissner 2018-03-14 15:31:33 UTC
Since only root can write to those sysfs variables, the issue is not a
seems not be security relevant.
Comment 6 Marcus Meissner 2019-02-12 06:42:29 UTC
we will not be fixing this issue.