CVE-2018-20836

CWE-362Race ConditionCWE-416Use After FreeCWE-3669 documents8 sources
Severity
8.1HIGH
EPSS
3.8%
top 11.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Linux Linux KernelCanonical Ubuntu LinuxDebian Debian Linux+5 more
Timeline
PublishedMay 7
Latest updateMay 24

Description

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages11 packages

NVDlinux/linux_kernel3.173.18.140+5
Debianlinux< 5.2.6-1+3
Ubuntulinux< 4.4.0-157.185
Ubuntulinux-aws< 4.4.0-1088.99
Ubuntulinux-kvm< 4.4.0-1052.59

Also affects: Debian Linux 10.0, 8.0, 9.0, Ubuntu Linux 16.04

Patches

Patch: git.kernel.orgPatch: github.comPatch: git.kernel.org

🔴Vulnerability Details

4
GHSA
GHSA-hjqh-c7g9-6w2x: An issue was discovered in the Linux kernel before 42022-05-24
OSV
linux, linux-aws, linux-kvm, linux-raspi2 vulnerabilities2019-07-25
CVEList
CVE-2018-20836: An issue was discovered in the Linux kernel before 42019-05-07
OSV
CVE-2018-20836: An issue was discovered in the Linux kernel before 42019-05-07

📋Vendor Advisories

3
Ubuntu
Linux kernel vulnerabilities2019-07-25
Red Hat
kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free2018-09-25
Debian
CVE-2018-20836: linux - An issue was discovered in the Linux kernel before 4.20. There is a race conditi...2018

💬Community

1
Bugzilla
CVE-2018-20836 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free2019-05-08
CVE-2018-20836 (HIGH CVSS 8.1) | An issue was discovered in the Linu | cvebase.io