CVE-2018-21008: Use After Free

First published: Wed Sep 04 2019(Updated: )

An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Linux Linux kernel	<4.16.7
ubuntu/linux	<4.15.0-66.75	4.15.0-66.75
ubuntu/linux	<4.18~	4.18~
ubuntu/linux	<4.4.0-166.195	4.4.0-166.195
ubuntu/linux-aws	<4.15.0-1052.54	4.15.0-1052.54
ubuntu/linux-aws	<4.4.0-1056.60	4.4.0-1056.60
ubuntu/linux-aws	<4.18~	4.18~
ubuntu/linux-aws	<4.4.0-1096.107	4.4.0-1096.107
ubuntu/linux-aws-5.0	<4.18~	4.18~
ubuntu/linux-aws-hwe	<4.18~	4.18~
ubuntu/linux-aws-hwe	<4.15.0-1052.54~16.04.1	4.15.0-1052.54~16.04.1
ubuntu/linux-azure	<4.18.0-1011.11~18.04.1	4.18.0-1011.11~18.04.1
ubuntu/linux-azure	<4.15.0-1061.66~14.04.1	4.15.0-1061.66~14.04.1
ubuntu/linux-azure	<4.18~	4.18~
ubuntu/linux-azure	<4.15.0-1061.66	4.15.0-1061.66
ubuntu/linux-azure-5.3	<4.18~	4.18~
ubuntu/linux-azure-edge	<4.18.0-1011.11~18.04.1	4.18.0-1011.11~18.04.1
ubuntu/linux-azure-edge	<4.18~	4.18~
ubuntu/linux-azure-edge	<4.15.0-1061.66	4.15.0-1061.66
ubuntu/linux-gcp	<5.0.0-1020.20~18.04.1	5.0.0-1020.20~18.04.1
ubuntu/linux-gcp	<4.18~	4.18~
ubuntu/linux-gcp	<4.15.0-1047.50	4.15.0-1047.50
ubuntu/linux-gcp-5.3	<4.18~	4.18~
ubuntu/linux-gcp-edge	<5.0.0-1020.20~18.04.1	5.0.0-1020.20~18.04.1
ubuntu/linux-gcp-edge	<4.18~	4.18~
ubuntu/linux-gke-4.15	<4.15.0-1046.49	4.15.0-1046.49
ubuntu/linux-gke-4.15	<4.18~	4.18~
ubuntu/linux-gke-5.0	<4.18~	4.18~
ubuntu/linux-gke-5.3	<4.18~	4.18~
ubuntu/linux-hwe	<4.18~	4.18~
ubuntu/linux-hwe	<4.15.0-66.75~16.04.1	4.15.0-66.75~16.04.1
ubuntu/linux-hwe-edge	<4.18~	4.18~
ubuntu/linux-hwe-edge	<4.15.0-66.75~16.04.1	4.15.0-66.75~16.04.1
ubuntu/linux-kvm	<4.15.0-1048.48	4.15.0-1048.48
ubuntu/linux-kvm	<4.18~	4.18~
ubuntu/linux-kvm	<4.4.0-1060.67	4.4.0-1060.67
ubuntu/linux-lts-trusty	<4.18~	4.18~
ubuntu/linux-lts-xenial	<4.4.0-166.195~14.04.1	4.4.0-166.195~14.04.1
ubuntu/linux-lts-xenial	<4.18~	4.18~
ubuntu/linux-oem	<4.15.0-1059.68	4.15.0-1059.68
ubuntu/linux-oem	<4.15.0-1059.68	4.15.0-1059.68
ubuntu/linux-oem	<4.18~	4.18~
ubuntu/linux-oem-5.6	<4.18~	4.18~
ubuntu/linux-oem-osp1	<4.18~	4.18~
ubuntu/linux-oracle	<4.15.0-1027.30	4.15.0-1027.30
ubuntu/linux-oracle	<5.0.0-1004.8	5.0.0-1004.8
ubuntu/linux-oracle	<4.18~	4.18~
ubuntu/linux-oracle	<4.15.0-1027.30~16.04.1	4.15.0-1027.30~16.04.1
ubuntu/linux-oracle-5.0	<4.18~	4.18~
ubuntu/linux-oracle-5.3	<4.18~	4.18~
ubuntu/linux-raspi2	<4.15.0-1049.53	4.15.0-1049.53
ubuntu/linux-raspi2	<4.18~	4.18~
ubuntu/linux-raspi2	<4.4.0-1124.133	4.4.0-1124.133
ubuntu/linux-raspi2-5.3	<4.18~	4.18~
ubuntu/linux-snapdragon	<4.15.0-1066.73	4.15.0-1066.73
ubuntu/linux-snapdragon	<4.18~	4.18~
ubuntu/linux-snapdragon	<4.4.0-1128.136	4.4.0-1128.136
debian/linux		4.19.249-2 4.19.304-1 5.10.209-2 5.10.216-1 6.1.76-1 6.1.90-1 6.7.12-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/nvd-index
agent/type
agent/first-publish-date
agent/last-modified-date
collector/launchpad-cve
source/Launchpad
agent/author
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/severity
agent/remedy
agent/references
agent/weakness
agent/description
agent/tags
agent/event
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/linux
canonical/linux linux kernel
package-manager/debian
package-manager/ubuntu

CVE-2018-21008: Use After Free

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact