Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2018-12232

Published: 12 June 2018

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.

From the Ubuntu Security Team

Shankara Pailoor discovered that a race condition existed in the socket handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).

Priority

Medium

Cvss 3 Severity Score

5.9

Score breakdown

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic
Released (4.15.0-33.36)
trusty Not vulnerable

xenial Not vulnerable

artful Ignored
(end of life)
cosmic Not vulnerable
(4.17.0-6.7)
Patches:
Introduced by

86741ec25462e4c8cdce6df2f41ead05568c7d5e

Fixed by 6d8c50dcb029872b298eea68cc6209c866fd3e14
linux-aws
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic
Released (4.15.0-1020.20)
trusty Not vulnerable

xenial Not vulnerable

artful Does not exist

cosmic Not vulnerable
(4.15.0-1020.20)
linux-azure
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic
Released (4.15.0-1022.23)
artful Does not exist

cosmic Not vulnerable
(4.18.0-1003.3)
trusty Not vulnerable
(4.15.0-1023.24~14.04.1)
xenial
Released (4.15.0-1022.22~16.04.1)
linux-azure-edge
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic Not vulnerable
(4.18.0-1003.3~18.04.1)
artful Does not exist

cosmic Does not exist

trusty Does not exist

xenial
Released (4.15.0-1022.23)
linux-kvm
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic
Released (4.15.0-1020.20)
artful Does not exist

cosmic Not vulnerable
(4.15.0-1020.20)
trusty Does not exist

xenial Not vulnerable

linux-euclid
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic Does not exist

artful Does not exist

cosmic Does not exist

trusty Does not exist

xenial Ignored
(was needed ESM criteria)
linux-oem
Launchpad, Ubuntu, Debian
upstream
Released (4.18~rc1)
bionic
Released (4.15.0-1017.20)
artful Does not exist

cosmic Not vulnerable
(4.15.0-1017.20)
trusty Does not exist

xenial Ignored
(end of standard support, was needed)
linux-goldfish
Launchpad, Ubuntu, Debian
trusty Does not exist
(trusty was ignored [abandoned])
xenial Ignored
(end of life, was needs-triage)
artful Does not exist

cosmic Does not exist

bionic Does not exist

upstream
Released (4.18~rc1)
linux-flo
Launchpad, Ubuntu, Debian
trusty Does not exist
(trusty was ignored [abandoned])
xenial Ignored
(abandoned)
artful Does not exist

cosmic Does not exist

bionic Does not exist

upstream
Released (4.18~rc1)
linux-hwe
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial
Released (4.15.0-33.36~16.04.1)
artful Does not exist

cosmic Does not exist

bionic Not vulnerable

upstream
Released (4.18~rc1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial
Released (4.15.0-33.36~16.04.1)
artful Does not exist

bionic Not vulnerable
(4.18.0-11.12~18.04.1)
cosmic Does not exist

upstream
Released (4.18~rc1)
linux-gcp
Launchpad, Ubuntu, Debian
artful Does not exist

bionic
Released (4.15.0-1018.19)
cosmic Not vulnerable
(4.15.0-1018.19)
trusty Does not exist

upstream
Released (4.18~rc1)
xenial
Released (4.15.0-1018.19~16.04.2)
linux-gke
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist

upstream
Released (4.18~rc1)
xenial Ignored
(end of standard support, was needs-triage)
linux-grouper
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist

upstream
Released (4.18~rc1)
xenial Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [end of standard support])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [end of standard support])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [end of standard support])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Not vulnerable

upstream
Released (4.18~rc1)
xenial Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-mako
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.18~rc1)
xenial Ignored
(abandoned)
linux-manta
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.18~rc1)
xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
artful Ignored
(end of life)
bionic
Released (4.15.0-1021.23)
cosmic Not vulnerable
(4.15.0-1021.23)
trusty Does not exist

upstream
Released (4.18~rc1)
xenial Not vulnerable

linux-snapdragon
Launchpad, Ubuntu, Debian
artful Ignored
(end of life)
bionic Not vulnerable

cosmic Does not exist

trusty Does not exist

upstream
Released (4.18~rc1)
xenial Not vulnerable

Severity score breakdown

Parameter Value
Base score 5.9
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H