Description
An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory x_refsource_confirm
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Third Party Advisory x_refsource_confirm
https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b
Patch, Third Party Advisory x_refsource_confirm
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073c516ff73557a8f7315066856c04b50383ac34
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2018-07-01
Patch, Third Party Advisory x_refsource_confirm
https://github.com/torvalds/linux/commit/073c516ff73557a8f7315066856c04b50383ac34
Scores
CVSS v3
7.0
EPSS
0.0007
EPSS Percentile
21.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-362
CWE-416
Status
published
Products (2)
google/android
linux/linux_kernel
3.19 - 4.1.50
Published
Jul 06, 2018
Tracked Since
Feb 18, 2026