CVE-2018-5873
- Source
- https://cve.org/CVERecord?id=CVE-2018-5873
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5873.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-5873
- Downstream
- Published
- 2018-07-06T19:29:01.060Z
- Modified
- 2026-03-15T22:26:21.397681Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in the __nsgetpath function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.
- References
-
- https://source.android.com/security/bulletin/2018-07-01
- https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b
- https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073c516ff73557a8f7315066856c04b50383ac34
- https://github.com/torvalds/linux/commit/073c516ff73557a8f7315066856c04b50383ac34
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5873.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "3.19"
},
{
"fixed": "4.1.50"
}
]
},
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.4.116"
}
]
},
{
"events": [
{
"introduced": "4.5"
},
{
"fixed": "4.9.82"
}
]
},
{
"events": [
{
"introduced": "4.10"
},
{
"fixed": "4.11"
}
]
}
]