#VU90164 Use-after-free in Linux kernel


Published: 2024-05-31

Vulnerability identifier: #VU90164

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35811

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c (the brcmfmac Broadcom Wi-Fi driver). A local user can escalate privileges on the system.
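The pattern behind this class of bug is a teardown routine that frees driver state while a deferred "scan complete" notification can still reach it. The following C program is an added illustration written for this bulletin; it is not brcmfmac code and does not reproduce the kernel's actual fix. Every name in it (scan_ctx, pending_event, detach_buggy, detach_fixed, scenario_leaves_dangling_event) is hypothetical. It models a single-slot event dispatcher, shows the wrong and the right teardown order, and reports whether the dispatcher was left holding a pointer to freed memory, comparing the address as an integer rather than dereferencing it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical driver-private state; stands in for the per-device
 * configuration object a real driver allocates at attach time.
 * Illustration only, not brcmfmac code. */
struct scan_ctx {
    bool scan_active;
};

/* Hypothetical single-slot event dispatcher modelling a deferred
 * "scan complete" notification that is still in flight at detach time. */
struct pending_event {
    void (*handler)(struct scan_ctx *);
    struct scan_ctx *arg;   /* raw pointer: dangles if ctx is freed first */
};

static struct pending_event g_pending;

/* Deferred handler: touches the context it was queued with. If that
 * context was freed before this runs, the write is a use-after-free. */
static void escan_complete_handler(struct scan_ctx *ctx)
{
    ctx->scan_active = false;
}

static void queue_escan_complete(struct scan_ctx *ctx)
{
    g_pending.handler = escan_complete_handler;
    g_pending.arg = ctx;
}

/* Quiesce: drop any queued event that still references ctx. */
static void cancel_pending_for(struct scan_ctx *ctx)
{
    if (g_pending.arg == ctx) {
        g_pending.handler = NULL;
        g_pending.arg = NULL;
    }
}

/* Wrong teardown order: the object is freed while an event referencing
 * it is still queued, so the dispatcher keeps a dangling pointer. */
static void detach_buggy(struct scan_ctx *ctx)
{
    free(ctx);
}

/* Correct teardown order: cancel or flush every deferred event that can
 * reach ctx, and only then release the memory. */
static void detach_fixed(struct scan_ctx *ctx)
{
    cancel_pending_for(ctx);
    free(ctx);
}

/* Runs one attach -> scan -> detach sequence and reports whether the
 * dispatcher was left pointing at freed memory (1) or not (0).
 * The freed address is compared as an integer and never dereferenced. */
int scenario_leaves_dangling_event(bool use_fixed_detach)
{
    struct scan_ctx *ctx = calloc(1, sizeof *ctx);
    if (ctx == NULL)
        return -1;
    ctx->scan_active = true;
    queue_escan_complete(ctx);              /* scan-complete still in flight */

    uintptr_t freed_addr = (uintptr_t)ctx;
    if (use_fixed_detach)
        detach_fixed(ctx);
    else
        detach_buggy(ctx);

    int dangling = ((uintptr_t)g_pending.arg == freed_addr) ? 1 : 0;
    memset(&g_pending, 0, sizeof g_pending); /* reset for the next scenario */
    return dangling;
}

int main(void)
{
    printf("buggy detach leaves dangling event: %d\n",
           scenario_leaves_dangling_event(false));
    printf("fixed detach leaves dangling event: %d\n",
           scenario_leaves_dangling_event(true));
    return 0;
}
```

The defensive rule this demonstrates is that detach paths must stop or wait for every source of asynchronous callbacks (work items, timers, firmware events) before freeing the state those callbacks use; running the buggy variant under KASAN or a similar sanitizer is how such ordering mistakes are normally caught during testing.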

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Linux kernel:


External links
http://git.kernel.org/stable/c/202c503935042272e2f9e1bb549d5f69a8681169
http://git.kernel.org/stable/c/8e3f03f4ef7c36091f46e7349096efb5a2cdb3a1
http://git.kernel.org/stable/c/bacb8c3ab86dcd760c15903fcee58169bc3026aa
http://git.kernel.org/stable/c/8c36205123dc57349b59b4f1a2301eb278cbc731
http://git.kernel.org/stable/c/0b812f706fd7090be74812101114a0e165b36744
http://git.kernel.org/stable/c/190794848e2b9d15de92d502b6ac652806904f5a
http://git.kernel.org/stable/c/6678a1e7d896c00030b31491690e8ddc9a90767a
http://git.kernel.org/stable/c/0a7591e14a8da794d0b93b5d1c6254ccb23adacb
http://git.kernel.org/stable/c/0f7352557a35ab7888bc7831411ec8a3cbe20d78


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must hold valid credentials and successfully authenticate to the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability