CVE-2018-25015

Опубликовано: 07 июн. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

Ссылки

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16
Mailing List
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ff660058b88d12625a783ce9e5c1371c87951f
Mailing List
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20210720-0002/
Third Party Advisory
https://sites.google.com/view/syzscope/warning-held-lock-freed
Exploit
Third Party Advisory
https://syzkaller.appspot.com/bug?id=a8d38d1b68ffc744c53bd9b9fc1dbd6c86b1afe2
Exploit
Mailing List
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16
Mailing List
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ff660058b88d12625a783ce9e5c1371c87951f
Mailing List
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20210720-0002/
Third Party Advisory
https://sites.google.com/view/syzscope/warning-held-lock-freed
Exploit
Third Party Advisory
https://syzkaller.appspot.com/bug?id=a8d38d1b68ffc744c53bd9b9fc1dbd6c86b1afe2
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 4.14.16 (исключая)

Конфигурация 2

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Конфигурация 9

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00069

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2018-25015

CVSS3: 7.8

ubuntu

больше 4 лет назад

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

CVE-2018-25015

CVSS3: 7.4

redhat

около 8 лет назад

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

CVE-2018-25015

CVSS3: 7.8

debian

больше 4 лет назад

An issue was discovered in the Linux kernel before 4.14.16. There is a ...

GHSA-rwrg-4798-hg93

github

больше 3 лет назад

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

EPSS

Процентиль: 21%

0.00069

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-416