[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

88036

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-12232Date: (C)2018-06-15   (M)2018-09-21


In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.

Reference:
BID-104453
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14
https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14
https://lkml.org/lkml/2018/6/5/14
https://patchwork.ozlabs.org/patch/926519/

OVAL    21
oval:org.secpod.oval:def:1700059
oval:org.secpod.oval:def:1600901
oval:org.secpod.oval:def:114968
oval:org.secpod.oval:def:704300
...

© SecPod Technologies