CVE-2018-5873

Severity Score

7.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.

Debido a una condición de carrera al acceder a los archivos en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM y QRD Android) que utilizan el kernel de Linux antes del parche de seguridad de nivel del 05/07/2018, puede ocurrir una condición de uso de memoria previamente liberada en el kernel.

*Credits: N/A

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-19 CVE Reserved
2018-07-06 CVE Published
2023-06-30 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-416: Use After Free

CAPEC

References (5)

URL	Tag	Source
https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b	Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073c516ff73557a8f7315066856c04b50383ac34	2023-07-19
https://github.com/torvalds/linux/commit/073c516ff73557a8f7315066856c04b50383ac34	2023-07-19

URL	Date	SRC
https://source.android.com/security/bulletin/2018-07-01	2023-07-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				-		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 4.1.50 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.50"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.4.116 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.116"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 4.9.82 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.82"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 4.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.11"		-		Affected