Home

CVE-2018-18559

Description

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.

Risk Information

Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.14

Associated Vulnerability

VulnerabilityOS Platform
Kernel security update (CESA-2019:0163) perf-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) bpftool-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-doc-3.10.0-957.5.1.el7.noarch.rpmLinux
Kernel security update (CESA-2019:0163) kernel-abi-whitelists-3.10.0-957.5.1.el7.noarch.rpmLinux
Kernel security update (CESA-2019:0163) kernel-debug-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-debug-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-headers-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-tools-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-tools-libs-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) kernel-tools-libs-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
Kernel security update (CESA-2019:0163) python-perf-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update bpftool-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-957.5.1.el7.noarch.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-957.5.1.el7.noarch.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update perf-3.10.0-957.5.1.el7.x86_64.rpmLinux
(RHSA-2019:0163) kernel security, bug fix, and enhancement update python-perf-3.10.0-957.5.1.el7.x86_64.rpmLinux
(CESA-2019:0163) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-957.5.1.el7.noarch.rpmLinux
(CESA-2019:0163) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-957.5.1.el7.noarch.rpmLinux
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2018-18559)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234