CVE-2018-8087Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective LifetimeCWE-400Uncontrolled Resource Consumption20 documents7 sources
Severity
5.5MEDIUMNVD
OSV6.7
EPSS
0.0%
top 86.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxCanonical Ubuntu Linux+1 more
Timeline
PublishedMar 13
Latest updateMay 13

Description

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

Debianlinux/linux_kernel< 4.15.11-1+3
Ubuntulinux/linux_kernel< 4.4.0-128.154+1
NVDlinux/linux_kernel4.15.9
debiandebian/linux< linux 4.15.11-1 (bookworm)

Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 17.10, 18.04

Patches

Patch: git.kernel.orgPatch: github.comPatch: git.kernel.org

🔴Vulnerability Details

8
GHSA
GHSA-xqg7-w425-fm4c: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim2022-05-13
OSV
linux-raspi2 vulnerabilities2018-06-15
OSV
linux-azure vulnerabilities2018-06-12
OSV
linux, linux-aws, linux-gcp, linux-kvm vulnerabilities2018-06-12
OSV
linux-hwe, linux-gcp, linux-oem vulnerabilities2018-06-12

📋Vendor Advisories

9
Ubuntu
Linux kernel (Raspberry Pi 2) vulnerabilities2018-06-15
Ubuntu
Linux kernel (Azure) vulnerabilities2018-06-12
Ubuntu
Linux kernel vulnerabilities2018-06-12
Ubuntu
Linux kernel (HWE) vulnerabilities2018-06-12
Ubuntu
Linux kernel vulnerabilities2018-06-11

💬Community

2
Bugzilla
CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service [fedora-all]2018-03-14
Bugzilla
CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service2018-03-14