Published: 07/06/2021 Updated: 01/12/2021

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

An issue exists in the Linux kernel prior to 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
netapp h300s_firmware -
netapp h500s_firmware -
netapp h700s_firmware -
netapp h300e_firmware -
netapp h500e_firmware -
netapp h700e_firmware -
netapp h410s_firmware -
netapp h410c_firmware -

SyzScope is a research project that aims to reveal high-risk security bugs on Syzbot. Learn more details in our paper.

SyzScope What is SyzScope? Why did we develop SyzScope? Access our paper Setup Docker - Recommend image - ready2go image - mini image - syzscope Manually setup Let's warm up Install requirements Tweak pwntools Using UTF-8 encoding Tutorial Common Issues What is SyzScope? SyzScope is a system that can automatically uncover high-risk impacts given a bug with only

CWE-416 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ff660058b88d12625a783ce9e5c1371c87951f https://syzkaller.appspot.com/bug?id=a8d38d1b68ffc744c53bd9b9fc1dbd6c86b1afe2 https://sites.google.com/view/syzscope/warning-held-lock-freed https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16 https://security.netapp.com/advisory/ntap-20210720-0002/https://nvd.nist.gov https://github.com/plummm/SyzScope

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-25015

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect