PT-2018-11063 · Linux+3 · Linux Kernel+3

Shankara Pailoor

Publicado

2018-06-12

Atualizado

2024-06-15

CVE-2018-12232

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.17.1

Description A race condition exists between the fchownat and close functions when they target the same socket file descriptor. This issue is related to the sock close and sockfs setattr functions. The fchownat function does not increment the file descriptor reference count, allowing the close function to set the socket to NULL during fchownat's execution. This leads to a NULL pointer dereference and can cause a system crash.

Recommendations For Linux kernel versions prior to 4.17.1, update to version 4.17.1 or later to resolve the issue.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

ALT-PU-2018-1971

ALT-PU-2018-1976

ALT-PU-2019-1433

CVE-2018-12232

OPENSUSE-SU-2019:0065-1

OPENSUSE-SU-2019_0065-1

OPENSUSE-SU-2024:10728-1

OPENSUSE-SU-2024:13704-1

RHSA-2018:2948

SUSE-SU-2019:0150-1

SUSE-SU-2019:0196-1

SUSE-SU-2019:0222-1

SUSE-SU-2019:0224-1

SUSE-SU-2019:0740-1

SUSE-SU-2019_0150-1

SUSE-SU-2019_0196-1

SUSE-SU-2019_0224-1

SUSE-SU-2019_0740-1

USN-3752-1

USN-3752-2

USN-3752-3

Produtos afetados

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2018-11063 · Linux+3 · Linux Kernel+3

CVE-2018-12232

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 552