CVE-2018-20856

Published: Jul 26, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7

x_refsource_MISC

https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24

x_refsource_MISC

USN-4094-1

vendor-advisory

x_refsource_UBUNTU

20190813 [SECURITY] [DSA 4497-1] linux security update

mailing-list

x_refsource_BUGTRAQ

DSA-4497

vendor-advisory

x_refsource_DEBIAN

20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)

mailing-list

x_refsource_BUGTRAQ

[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

x_refsource_MISC

USN-4116-1

vendor-advisory

x_refsource_UBUNTU

USN-4118-1

vendor-advisory

x_refsource_UBUNTU

https://security.netapp.com/advisory/ntap-20190905-0002/

x_refsource_CONFIRM

http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html

x_refsource_MISC

https://support.f5.com/csp/article/K14673240?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

RHSA-2019:3076

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3055

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3089

vendor-advisory

x_refsource_REDHAT

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

x_refsource_MISC

RHSA-2019:3217

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0100

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0103

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0543

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0664

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0698

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20856

Description

Affected Products

References