Lucene search

Ubuntu.comUB:CVE-2018-5873

HistoryJul 06, 2018 - 12:00 a.m.

CVE-2018-5873

2018-07-0600:00:00

ubuntu.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the
Linux kernel before 4.11. Due to a race condition when accessing files, a
Use After Free condition can occur. This also affects all Android releases
from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD
Android) before security patch level 2018-07-05.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchlinux< 4.4.0-121.145UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1017.17UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1055.64UNKNOWN
ubuntu18.04noarchlinux-azure-edge< anyUNKNOWN
ubuntu16.04noarchlinux-gcp< 4.13.0-1002.5UNKNOWN
ubuntu16.04noarchlinux-hwe< 4.13.0-26.29~16.04.2UNKNOWN
ubuntu18.04noarchlinux-hwe-edge< 4.18.0-8.9~18.04.1UNKNOWN
ubuntu16.04noarchlinux-hwe-edge< 4.13.0-26.29~16.04.2UNKNOWN
ubuntu16.04noarchlinux-kvm< 4.4.0-1021.26UNKNOWN
ubuntu14.04noarchlinux-lts-xenial< 4.4.0-121.145~14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	linux	< 4.4.0-121.145	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1017.17	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1055.64	UNKNOWN
ubuntu	18.04	noarch	linux-azure-edge	< any	UNKNOWN
ubuntu	16.04	noarch	linux-gcp	< 4.13.0-1002.5	UNKNOWN
ubuntu	16.04	noarch	linux-hwe	< 4.13.0-26.29~16.04.2	UNKNOWN
ubuntu	18.04	noarch	linux-hwe-edge	< 4.18.0-8.9~18.04.1	UNKNOWN
ubuntu	16.04	noarch	linux-hwe-edge	< 4.13.0-26.29~16.04.2	UNKNOWN
ubuntu	16.04	noarch	linux-kvm	< 4.4.0-1021.26	UNKNOWN
ubuntu	14.04	noarch	linux-lts-xenial	< 4.4.0-121.145~14.04.1	UNKNOWN

Rows per page:

1-10 of 131

References

launchpad.net/bugs/cve/CVE-2018-5873

nvd.nist.gov/vuln/detail/CVE-2018-5873

security-tracker.debian.org/tracker/CVE-2018-5873

source.android.com/security/bulletin/2018-07-01

source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b

www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin

www.cve.org/CVERecord?id=CVE-2018-5873

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON

Related for UB:CVE-2018-5873