QwikSec

Security Database

CVE

CWE

Training

CVE-2017-15126

Published: Jan 14, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().

Vendor	Product	Versions
n/a	Linux Kernel before 4.13.6	affected `Linux Kernel before 4.13.6`

Weaknesses (CWE)

References

vdb-entry

x_refsource_BID

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1523481

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2017-15126

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.