CVE-2018-12633

EPSS 0.03% · P7 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-12633

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。 Linux kernel 4.17.2及之前版本中的drivers/virt/vboxguest/vboxguest_linux.c文件的‘vbg_misc_device_ioctl()’函数存在安全漏洞。本地攻击者可利用该漏洞造成拒绝服务，泄露信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-12633

#	POC Description	Source Link	Shenlong Link
1	A technical case study and exploitation analysis of the Authentication Bypass vulnerability in TP-Link TL-WR840N firmware (CVE-2018-12633).	https://github.com/wiliam227user/CVE-2018-12633-TPLink-Auth-Bypass	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-12633

Please Login to view more intelligence information

Same Patch Batch · n/a · 2018-06-22 · 20 CVEs total

CVE-2018-12657		SLiMS 8 Akasia Master File模块跨站脚本漏洞
CVE-2018-12689		phpLDAPadmin 安全漏洞
CVE-2018-12688		tinyexr 输入验证漏洞
CVE-2018-12687		tinyexr 输入验证错误漏洞
CVE-2018-12684		CivetWeb 缓冲区错误漏洞
CVE-2018-12678		Portainer 安全漏洞
CVE-2018-1000201		ruby-ffi 安全漏洞
CVE-2018-12636		WordPress iThemes Security(better-wp-security)插件SQL注入漏洞
CVE-2018-12659		SLiMS 8 Akasia 安全漏洞
CVE-2018-12658		SLiMS 8 Akasia Stock Take模块跨站脚本漏洞
CVE-2018-12634		Circontrol CirCarLife Scada 安全漏洞
CVE-2018-12656		SLiMS 8 Akasia Membership模块跨站脚本漏洞
CVE-2018-12655		SLiMS 8 Akasia Circulation模块跨站脚本漏洞
CVE-2018-12654		SLiMS 8 Akasia Bibliography模块跨站脚本漏洞
CVE-2018-12649		MISP 安全漏洞
CVE-2018-12648		Exempi 安全漏洞
CVE-2018-12642		Froxlor 访问控制错误漏洞
CVE-2018-12641		GNU Binutils GNU libiberty 缓冲区错误漏洞
CVE-2018-12635		Circontrol CirCarLife Scada 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-12633

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-12633

I. Basic Information for CVE-2018-12633

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-12633

III. Intelligence Information for CVE-2018-12633

Same Patch Batch · n/a · 2018-06-22 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-12633

Leave a comment