Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-18559

EPSS 0.79% · P74
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-18559

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 竞争条件漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。 Linux kernel 4.19及之前版本中存在释放后重用漏洞。攻击者可利用该漏洞控制程序计数器。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2018-18559

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-18559

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-10-22 · 10 CVEs total

CVE-2018-18581LuPng 缓冲区错误漏洞
CVE-2018-18582LuPng 缓冲区错误漏洞
CVE-2018-18583LuPng 缓冲区错误漏洞
CVE-2018-18578DedeCMS 跨站脚本漏洞
CVE-2018-18579DedeCMS 跨站脚本漏洞
CVE-2018-13114KERUI Wifi Endoscope Camera(YPC99)输入验证错误漏洞
CVE-2018-13115KERUI Wifi Endoscope Camera(YPC99)输入验证漏洞
CVE-2018-18557Silicon Graphics LibTIFF 缓冲区错误漏洞
CVE-2018-18553Leanote 跨站脚本漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2018-18559

No comments yet

Leave a comment