{"api_version":"1","generated_at":"2026-04-23T08:04:30+00:00","cve":"CVE-2018-7755","urls":{"html":"https://cve.report/CVE-2018-7755","api":"https://cve.report/api/cve/CVE-2018-7755.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-7755","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-7755"},"summary":{"title":"CVE-2018-7755","description":"An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2018-03-08 07:29:00","updated_at":"2018-10-04 10:29:00"},"problem_types":["CWE-200"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html","name":"[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 1531-1] linux-4.9 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3698-1/","name":"USN-3698-1","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3698-1: Linux kernel vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3696-2/","name":"USN-3696-2","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2029","name":"RHSA-2019:2029","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3698-2/","name":"USN-3698-2","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3698-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3696-1/","name":"USN-3696-1","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3696-1: Linux kernel vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2043","name":"RHSA-2019:2043","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3697-2/","name":"USN-3697-2","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3697-2: Linux kernel (OEM) vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3695-1/","name":"USN-3695-1","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3695-1: Linux kernel vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3695-2/","name":"USN-3695-2","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3695-2: Linux kernel (HWE) vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2018/dsa-4308","name":"DSA-4308","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4308-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/3697-1/","name":"USN-3697-1","refsource":"UBUNTU","tags":["Third Party Advisory"],"title":"USN-3697-1: Linux kernel vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lkml.org/lkml/2018/3/7/1116","name":"https://lkml.org/lkml/2018/3/7/1116","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"LKML: Brian Belleville: [PATCH] floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-7755","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7755","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"17.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"17.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"7755","vulnerable":"1","versionEndIncluding":"4.15.7","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2018-7755","qid":"752120","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1651-1)"},{"cve":"CVE-2018-7755","qid":"752125","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1686-1)"},{"cve":"CVE-2018-7755","qid":"752231","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2082-1)"},{"cve":"CVE-2018-7755","qid":"752250","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2111-1)"},{"cve":"CVE-2018-7755","qid":"753703","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)"},{"cve":"CVE-2018-7755","qid":"753707","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)"},{"cve":"CVE-2018-7755","qid":"753727","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2018-7755","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"USN-3695-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3695-1/"},{"name":"USN-3696-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3696-1/"},{"name":"USN-3695-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3695-2/"},{"name":"[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"},{"name":"USN-3697-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3697-1/"},{"name":"https://lkml.org/lkml/2018/3/7/1116","refsource":"MISC","url":"https://lkml.org/lkml/2018/3/7/1116"},{"name":"USN-3697-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3697-2/"},{"name":"DSA-4308","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4308"},{"name":"USN-3698-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3698-1/"},{"name":"USN-3696-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3696-2/"},{"name":"USN-3698-2","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3698-2/"},{"refsource":"REDHAT","name":"RHSA-2019:2043","url":"https://access.redhat.com/errata/RHSA-2019:2043"},{"refsource":"REDHAT","name":"RHSA-2019:2029","url":"https://access.redhat.com/errata/RHSA-2019:2029"}]}},"nvd":{"publishedDate":"2018-03-08 07:29:00","lastModifiedDate":"2018-10-04 10:29:00","problem_types":["CWE-200"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndIncluding":"4.15.7","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"7755","Ordinal":"124068","Title":"CVE-2018-7755","CVE":"CVE-2018-7755","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"7755","Ordinal":"1","NoteData":"An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"7755","Ordinal":"2","NoteData":"2018-03-08","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"7755","Ordinal":"3","NoteData":"2019-08-06","Type":"Other","Title":"Modified"}]}}}