CVE-2018-8897
Public Exploits 3
Metasploit · 1 mov_ss.rb [exploit]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-8897
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多个厂商的操作系统竞争条件问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国等都是美国Linux(Linux)基金会的产品。Linux kernel是开源操作系统Linux所使用的内核。Qualcomm Kernel等都是美国高通(Qualcomm)公司的产品。Qualcomm Kernel是一个使用在高通产品中的内核组件。Apple Kernel等都是美国苹果(Apple)公司的产品。Apple Kernel是Apple设备的内核。 多个厂商的操作系统中存在竞争条件问题漏洞。该漏洞源于网络系统或产品在运行过程中,并发代码需要互斥地访问共享资源时,对
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-8897
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS). | https://github.com/nmulasmajic/CVE-2018-8897 | POC Details |
| 2 | The exploitation for CVE-2018-8897 | https://github.com/jiazhang0/pop-mov-ss-exploit | POC Details |
| 3 | Arbitrary code execution with kernel privileges using CVE-2018-8897. | https://github.com/can1357/CVE-2018-8897 | POC Details |
| 4 | Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE). | https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-8897
请登录查看更多情报信息。
Patches & Fixes for CVE-2018-8897 (2)
Vendor Advisories for CVE-2018-8897 (29)
- https://security.netapp.com/advisory/ntap-20180927-0002/x_refsource_CONFIRM
- https://support.apple.com/HT208742x_refsource_MISC
- https://bugzilla.redhat.com/show_bug.cgi?id=1567074x_refsource_MISC
Exploits & Public PoCs for CVE-2018-8897 (2)
Mailing List Discussions for CVE-2018-8897 (4)
- http://openwall.com/lists/oss-security/2018/05/08/4x_refsource_MISC
Other References for CVE-2018-8897 (8)
- https://www.synology.com/support/security/Synology_SA_18_21x_refsource_CONFIRM
- https://github.com/can1357/CVE-2018-8897/x_refsource_MISC
- https://patchwork.kernel.org/patch/10386677/x_refsource_MISC
- https://support.citrix.com/article/CTX234679x_refsource_CONFIRM
- https://xenbits.xen.org/xsa/advisory-260.htmlx_refsource_MISC
Same Patch Batch · n/a · 2018-05-08 · 18 CVEs total
| CVE-2018-1000178 | Quassel 缓冲区错误漏洞 | |
| CVE-2018-10801 | Silicon Graphics LibTIFF 安全漏洞 | |
| CVE-2018-10809 | 2345 Security Guard 安全漏洞 | |
| CVE-2018-10806 | Frog CMS 跨站脚本漏洞 | |
| CVE-2018-10805 | ImageMagick 安全漏洞 | |
| CVE-2018-10804 | ImageMagick 安全漏洞 | |
| CVE-2018-10734 | 多款KONGTOP DVR产品安全漏洞 | |
| CVE-2018-10380 | KDE Kwallet kwallet-pam 安全漏洞 | |
| CVE-2018-1000179 | Quassel 安全漏洞 | |
| CVE-2015-1503 | IceWarp Mail Server 路径遍历漏洞 | |
| CVE-2018-1000177 | CloudBees Jenkins S3 Plugin 跨站脚本漏洞 | |
| CVE-2018-1000176 | CloudBees Jenkins Email Extension Plugin 信息泄露漏洞 | |
| CVE-2018-1000175 | CloudBees Jenkins HTML Publisher Plugin 路径遍历漏洞 | |
| CVE-2018-1000174 | CloudBees Jenkins Google Login Plugin 安全漏洞 | |
| CVE-2018-1000173 | CloudBees Jenkins Google Login Plugin 安全漏洞 | |
| CVE-2018-1000168 | Nghttp2 输入验证错误漏洞 | |
| CVE-2018-10812 | Bitpie application for Android和iOS 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-8897
No comments yet