Vulnerability Details : CVE-2018-20856
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
Vulnerability category: Memory Corruption
Products affected by CVE-2018-20856
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-20856
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 29 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-20856
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-20856
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-20856
-
https://access.redhat.com/errata/RHSA-2020:0543
RHSA-2020:0543 - Security Advisory - Red Hat Customer Portal
-
https://usn.ubuntu.com/4094-1/
USN-4094-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24
block: blk_init_allocated_queue() set q->fq as NULL in the fail case · torvalds/linux@54648cf · GitHubPatch;Third Party Advisory
-
https://usn.ubuntu.com/4118-1/
USN-4118-1: Linux kernel (AWS) vulnerabilities | Ubuntu security notices
-
https://access.redhat.com/errata/RHSA-2020:0664
RHSA-2020:0664 - Security Advisory - Red Hat Customer Portal
-
https://seclists.org/bugtraq/2019/Aug/26
Bugtraq: [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)
-
https://access.redhat.com/errata/RHSA-2020:0698
RHSA-2020:0698 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2020:0100
RHSA-2020:0100 - Security Advisory - Red Hat Customer Portal
-
https://usn.ubuntu.com/4116-1/
USN-4116-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://support.f5.com/csp/article/K14673240?utm_source=f5support&utm_medium=RSS
-
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24
kernel/git/torvalds/linux.git - Linux kernel source treeMailing List;Patch;Vendor Advisory
-
https://www.debian.org/security/2019/dsa-4497
Debian -- Security Information -- DSA-4497-1 linux
-
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
Kernel Live Patch Security Notice LSN-0058-1 ≈ Packet Storm
-
http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
Kernel Live Patch Security Notice LSN-0055-1 ≈ Packet Storm
-
https://access.redhat.com/errata/RHSA-2019:3055
RHSA-2019:3055 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:3217
RHSA-2019:3217 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2019:3089
RHSA-2019:3089 - Security Advisory - Red Hat Customer Portal
-
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7
Mailing List;Release Notes;Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20190905-0002/
August 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product Security
-
http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
Slackware Security Advisory - Slackware 14.2 kernel Updates ≈ Packet Storm
-
https://access.redhat.com/errata/RHSA-2019:3076
RHSA-2019:3076 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2020:0103
RHSA-2020:0103 - Security Advisory - Red Hat Customer Portal
-
https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html
[SECURITY] [DLA 1885-1] linux-4.9 security update
-
https://seclists.org/bugtraq/2019/Aug/18
Bugtraq: [SECURITY] [DSA 4497-1] linux security update
Jump to