← Back

CVE-2018-9568

nvd nist
Published: Dec 6, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.

Affected (16)

Show all products
Google: Android · Canonical: Ubuntu Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Linux: Linux Kernel
Google
1 product
Android
Canonical
1 product
Ubuntu Linux
Redhat
6 products
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Server Aus
Enterprise Linux Server Eus
Enterprise Linux Server Tus
Enterprise Linux Workstation
Linux
1 product
Linux Kernel
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Android
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Configuration C
6 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Server
Version 7.0
Enterprise Linux Server Aus
Version 7.6
Enterprise Linux Server Eus
Version 7.6
Enterprise Linux Server Tus
Version 7.6
Enterprise Linux Workstation
Version 7.0
Configuration D
7 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 3.10.108
Linux Kernel
From 3.11 to 3.16.58
Linux Kernel
From 3.17 to 3.18.77
Linux Kernel
From 3.19 to 4.1.46
Linux Kernel
From 4.10 to 4.13.6
Linux Kernel
From 4.2 to 4.4.94
Linux Kernel
From 4.5 to 4.9.55

Related CWEs

CWE-704
Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.

References (26)

Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
PatchVendor Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.