Description
A use-after-free vulnerability was found in the network namespace code of the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check the net::count value after it has found a peer network in the netns_ids idr, which could lead to a double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
References (19)
Core References
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3617-1/
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3619-2/
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3617-3/
Mailing List, Patch, Third Party Advisory (x_refsource_misc): https://marc.info/?l=linux-netdev&m=151370451121029&w=2
Mailing List, Third Party Advisory (x_refsource_misc): https://marc.info/?t=151370468900001&r=1&w=2
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3632-1/
Issue Tracking, Patch, Third Party Advisory (x_refsource_misc): https://bugzilla.redhat.com/show_bug.cgi?id=1531174
Release Notes (x_refsource_misc): https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11
Patch (x_refsource_misc): https://github.com/torvalds/linux/commit/21b5944350052d2583e82dd59b19a9ba94a007f0
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:1062
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:0654
Third Party Advisory (x_refsource_misc): https://access.redhat.com/security/cve/CVE-2017-15129
Broken Link (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/102485
Mailing List, Third Party Advisory (x_refsource_misc): http://seclists.org/oss-sec/2018/q1/7
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:0676
Patch (x_refsource_misc): http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21b5944350052d2583e82dd59b19a9ba94a007f0
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3617-2/
Third Party Advisory (vendor-advisory, x_refsource_ubuntu): https://usn.ubuntu.com/3619-1/
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2019:1946
Scores
CVSS v3: 4.7
EPSS: 0.0008
EPSS Percentile: 23.0%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE: CWE-362
Status: published
Products (27)
canonical/ubuntu_linux: 14.04
canonical/ubuntu_linux: 16.04
canonical/ubuntu_linux: 17.10
fedoraproject/fedora: 27
linux/linux_kernel: 4.15 rc1 (4 CPE variants)
linux/linux_kernel: 4.0 - 4.14.11
redhat/enterprise_linux: 7.0
redhat/enterprise_linux_compute_node_eus: 7.4
redhat/enterprise_linux_desktop: 7.0
redhat/enterprise_linux_eus: 7.4
... and 17 more
Published: Jan 09, 2018
Tracked Since: Feb 18, 2026