{"id":"CVE-2018-16880","details":"A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.","modified":"2026-03-12T22:27:34.846438Z","published":"2019-01-29T16:29:00.387Z","related":["SUSE-SU-2019:1240-1","SUSE-SU-2019:1241-1","SUSE-SU-2019:1242-1","SUSE-SU-2019:1244-1","SUSE-SU-2019:1550-1","SUSE-SU-2019:2430-1","openSUSE-SU-2019:1404-1"],"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/3903-2/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106735"},{"type":"ADVISORY","url":"https://support.f5.com/csp/article/K03593314"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3903-1/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-16880.json","unresolved_ranges":[{"events":[{"introduced":"4.16"},{"fixed":"4.19.20"}]},{"events":[{"introduced":"4.20"},{"fixed":"4.20.7"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}