The vendor has released a patch for this issue, but as of November 14, there was no public release of the updated kernel. As a workaround, the vendor recommends disabling the FwBlockSericceSmm driver until a public release of the updated kernel is made available.

CVE-2018-18367 A potential privilege escalation flaw was found in the way the Linux kernel’s VirtualWire device driver handled authentication of packets to determine the virtual network interface card (VNIC) to which a packet should be sent. A remote attacker could use this flaw to impersonate another VNIC, allowing for possible privilege escalation.
As a precaution, user installations are advised to disable the VirtualWire device driver until a fix can be applied.

CVE-2018-18371 An issue was discovered with the Linux kernel’s vhost_net API where user-space applications could potentially receive invalid network data via packets being forwarded in an unintended direction by the vhost_net module.
After filing the bug, an updated Linux kernel package, version 4.18.5, was released by the vendor.

CVE-2018-18372 An issue was discovered with the Linux kernel’s network polling code where a single packet to an L2 network could result in an invalid memory reference that could be exploited by sending crafted packets.
This is similar to a flaw encountered in previous versions of the kernel for the vhost_net API where a single packet

References br

1.
CVE-2018-18367
2.
CVE-2018-18371
3.
CVE-2018-18372

Instance-based firewall and traffic shaper

A potential issue was found with the Linux kernel’s instance-based firewall and traffic shaper, where the code does not properly handle incoming traffic.
As a precaution, user installations are advised to disable these kernel modules until a fix can be applied.

Timeline

Published on: 09/21/2022 21:15:00 UTC
Last modified on: 09/26/2022 15:40:00 UTC

References