Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2018-18559
PUBLISHED
More InfoOfficial Page
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
View Known Exploited Vulnerability (KEV) details
Published At-22 Oct, 2018 | 16:00
Updated At-05 Aug, 2024 | 11:16
Rejected At-
▼CVE Numbering Authority (CNA)

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2019:0188
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:0163
vendor-advisory
x_refsource_REDHAT
https://blogs.securiteam.com/index.php/archives/3731
x_refsource_MISC
https://access.redhat.com/errata/RHBA-2019:0327
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1170
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1190
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3967
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:4159
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0174
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2019:0188
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:0163
vendor-advisory
x_refsource_REDHAT
x_transferred
https://blogs.securiteam.com/index.php/archives/3731
x_refsource_MISC
x_transferred
https://access.redhat.com/errata/RHBA-2019:0327
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:1170
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:1190
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:3967
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:4159
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2020:0174
vendor-advisory
x_refsource_REDHAT
x_transferred
Details not found