CVE-2018-18559Race Condition in Kernel

CWE-362Race ConditionCWE-416Use After Free8 documents7 sources
Severity
8.1HIGHNVD
EPSS
0.8%
top 25.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Linux KernelRedhat Enterprise Linux DesktopRedhat Enterprise Linux Server+6 more
Timeline
PublishedOct 22
Latest updateMay 14

Description

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel3.2.953.2.100+7
Debianlinux/linux_kernel< 4.14.7-1+3

Also affects: Enterprise Linux 7.6, Openshift Container Platform 3.11

Patches

Patch: blogs.securiteam.comPatch: blogs.securiteam.com

🔴Vulnerability Details

3
GHSA
GHSA-8w88-57v8-p48h: In the Linux kernel through 42022-05-14
OSV
CVE-2018-18559: In the Linux kernel through 42018-10-22
CVEList
CVE-2018-18559: In the Linux kernel through 42018-10-22

📋Vendor Advisories

2
Red Hat
kernel: Use-after-free due to race condition in AF_PACKET implementation2018-06-15
Debian
CVE-2018-18559: linux - In the Linux kernel through 4.19, a use-after-free can occur due to a race condi...2018

💬Community

2
Bugzilla
CVE-2018-18559 kernel: Use-after-free due to race condition in AF_PACKET implementation [fedora-all]2018-10-23
Bugzilla
CVE-2018-18559 kernel: Use-after-free due to race condition in AF_PACKET implementation2018-10-23
CVE-2018-18559 — Race Condition in Linux Kernel | cvebase