CVE-2018-20836

Published: May 7, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/b90cd6f2b905905fb42671009dc0e27c310a16ae

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b90cd6f2b905905fb42671009dc0e27c310a16ae

x_refsource_MISC

108196

vdb-entry

x_refsource_BID

https://support.f5.com/csp/article/K11225249

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20190719-0003/

x_refsource_CONFIRM

openSUSE-SU-2019:1716

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1757

vendor-advisory

x_refsource_SUSE

USN-4076-1

vendor-advisory

x_refsource_UBUNTU

DSA-4495

vendor-advisory

x_refsource_DEBIAN

20190812 [SECURITY] [DSA 4495-1] linux security update

mailing-list

x_refsource_BUGTRAQ

20190813 [SECURITY] [DSA 4497-1] linux security update

mailing-list

x_refsource_BUGTRAQ

DSA-4497

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20836

Description

Affected Products

References