vulnerability
Ubuntu: (CVE-2018-5873): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Jul 6, 2018 | Nov 19, 2024 | Sep 1, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 6, 2018
Added
Nov 19, 2024
Modified
Sep 1, 2025
Description
An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-hweubuntu-upgrade-linux-hwe-edgeubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lts-xenialubuntu-upgrade-linux-raspi2ubuntu-upgrade-linux-snapdragon
References
- CVE-2018-5873
- https://attackerkb.com/topics/CVE-2018-5873
- CWE-362
- CWE-416
- URL-https://source.android.com/security/bulletin/2018-07-01
- URL-https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b
- URL-https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
- URL-https://www.cve.org/CVERecord?id=CVE-2018-5873
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.