Open mend-bolt-for-github[bot] opened 1 year ago
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 32145daf0c96b012284199f23418243e0168269f
Found in base branch: master
An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.
Publish Date: 2021-06-07
URL: CVE-2018-25015
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25015
Release Date: 2021-06-07
Fix Resolution: v3.2.100, v3.16.55, v3.18.93, v4.1.50, v4.4.114, v4.9.79, v4.14.16
Step up your Open Source Security Game with Mend here
CVE-2018-25015 - High Severity Vulnerability
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 32145daf0c96b012284199f23418243e0168269f
Found in base branch: master
An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.
Publish Date: 2021-06-07
URL: CVE-2018-25015
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25015
Release Date: 2021-06-07
Fix Resolution: v3.2.100, v3.16.55, v3.18.93, v4.1.50, v4.4.114, v4.9.79, v4.14.16
Step up your Open Source Security Game with Mend here