CVE-2018-12232

by Fred · 12/06/2018

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat’s execution, leading to a NULL pointer dereference and system crash.

Date published : 2018-06-12

http://www.securityfocus.com/bid/104453

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14

CVE-2018-12232

Similar

Recent Posts

Categories

CVE-2018-12232

Share this:

Similar

Recent Posts

Categories

Tags