CVE-2017-15126
14.01.2018, 06:29
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.11 ≤ 𝑥 < 4.13.6 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||
| linux-armadaxp |
| ||||||||
| linux-aws |
| ||||||||
| linux-azure |
| ||||||||
| linux-euclid |
| ||||||||
| linux-flo |
| ||||||||
| linux-gcp |
| ||||||||
| linux-gke |
| ||||||||
| linux-goldfish |
| ||||||||
| linux-grouper |
| ||||||||
| linux-hwe |
| ||||||||
| linux-hwe-edge |
| ||||||||
| linux-kvm |
| ||||||||
| linux-linaro-omap |
| ||||||||
| linux-linaro-shared |
| ||||||||
| linux-linaro-vexpress |
| ||||||||
| linux-lts-quantal |
| ||||||||
| linux-lts-raring |
| ||||||||
| linux-lts-saucy |
| ||||||||
| linux-lts-trusty |
| ||||||||
| linux-lts-utopic |
| ||||||||
| linux-lts-vivid |
| ||||||||
| linux-lts-wily |
| ||||||||
| linux-lts-xenial |
| ||||||||
| linux-maguro |
| ||||||||
| linux-mako |
| ||||||||
| linux-manta |
| ||||||||
| linux-oem |
| ||||||||
| linux-qcm-msm |
| ||||||||
| linux-raspi2 |
| ||||||||
| linux-snapdragon |
| ||||||||
| linux-ti-omap4 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| kernel |
| ||
| kernel-abi-whitelists |
| ||
| kernel-bootwrapper |
| ||
| kernel-debug |
| ||
| kernel-debug-devel |
| ||
| kernel-devel |
| ||
| kernel-doc |
| ||
| kernel-headers |
| ||
| kernel-kdump |
| ||
| kernel-kdump-devel |
| ||
| kernel-rt |
| ||
| kernel-rt-debug |
| ||
| kernel-rt-debug-devel |
| ||
| kernel-rt-debug-kvm |
| ||
| kernel-rt-devel |
| ||
| kernel-rt-doc |
| ||
| kernel-rt-kvm |
| ||
| kernel-rt-trace |
| ||
| kernel-rt-trace-devel |
| ||
| kernel-rt-trace-kvm |
| ||
| kernel-tools |
| ||
| kernel-tools-libs |
| ||
| kernel-tools-libs-devel |
| ||
| perf |
| ||
| python-perf |
|
Common Weakness Enumeration
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
- CWE-416 - Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
References