Lucene search

K
ubuntucveUbuntu.comUB:CVE-2018-20836
HistoryMay 07, 2019 - 12:00 a.m.

CVE-2018-20836

2019-05-0700:00:00
ubuntu.com
ubuntu.com
21

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

83.8%

An issue was discovered in the Linux kernel before 4.20. There is a race
condition in smp_task_timedout() and smp_task_done() in
drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

Notes

Author Note
sbeattie hard to see how this can be attacker controlled
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-44.47UNKNOWN
ubuntu18.10noarchlinux< 4.18.0-14.15UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-157.185UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1032.34UNKNOWN
ubuntu18.10noarchlinux-aws< 4.18.0-1008.10UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1090.101UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1032.34~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure< 4.15.0-1037.39UNKNOWN
ubuntu18.10noarchlinux-azure< 4.18.0-1008.8UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1037.39~16.04.1UNKNOWN
Rows per page:
1-10 of 321

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.01 Low

EPSS

Percentile

83.8%