QwikSec

Security Database

CVE

CWE

Training

CVE-2018-5873

Published: Jul 6, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.

Vendor	Product	Versions
Qualcomm, Inc.	Android for MSM, Firefox OS for MSM, QRD Android	affected `All Android releases from CAF using the Linux kernel`

References

https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin

x_refsource_CONFIRM

https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073c516ff73557a8f7315066856c04b50383ac34

x_refsource_CONFIRM

https://source.android.com/security/bulletin/2018-07-01

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/073c516ff73557a8f7315066856c04b50383ac34

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.