Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-9415

Опубликовано: 02 июл. 2018
Источник: redhat
CVSS3: 6.1
EPSS Низкий

Описание

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.

A flaw was found in the Linux kernel. A race condition existed in the ARM Advanced Microcontroller Bus Architecture (AMBA) driver that could result in a double free. A local attacker could use this to cause a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altAffected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1629030kernel: race condition in the ARM Advanced Microcontroller Bus Architecture (AMBA) driver

EPSS

Процентиль: 24%
0.00076
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-9415

CVSS3: 7.8
ubuntu
больше 6 лет назад

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.

nvd логотип

CVE-2018-9415

CVSS3: 7.8
nvd
больше 6 лет назад

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.

debian логотип

CVE-2018-9415

CVSS3: 7.8
debian
больше 6 лет назад

In driver_override_store and driver_override_show of bus.c, there is a ...

github логотип

GHSA-vfgj-wgwr-rg52

CVSS3: 7.8
github
около 3 лет назад

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.

oracle-oval логотип

ELSA-2020-5866

oracle-oval
больше 4 лет назад

ELSA-2020-5866: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 24%
0.00076
Низкий

6.1 Medium

CVSS3