CVE-2018-12232

Description

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.

References

Link	Tags
https://usn.ubuntu.com/3752-2/	vendor advisory
https://usn.ubuntu.com/3752-3/	vendor advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14	third party advisory patch
https://patchwork.ozlabs.org/patch/926519/	third party advisory patch
https://access.redhat.com/errata/RHSA-2018:2948	vendor advisory
https://lkml.org/lkml/2018/6/5/14	third party advisory
http://www.securityfocus.com/bid/104453	vdb entry third party advisory
https://usn.ubuntu.com/3752-1/	vendor advisory
https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14	third party advisory patch

Frequently Asked Questions

What is the severity of CVE-2018-12232?: CVE-2018-12232 has been scored as a medium severity vulnerability.
How to fix CVE-2018-12232?: To fix CVE-2018-12232, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2018-12232 being actively exploited in the wild?: It is possible that CVE-2018-12232 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~3% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-362 – Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

References

Frequently Asked Questions