Bug 1555145 (CVE-2018-8087) - CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service
Summary: CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hw...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-8087
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1555146 1555147 1626463 1626464
Blocks: 1555148
TreeView+ depends on / blocked
 
Reported: 2018-03-14 03:30 UTC by Sam Fowler
Modified: 2021-06-10 15:18 UTC (History)
46 users (show)

Fixed In Version: kernel 4.16-rc1
Doc Type: If docs needed, set a value
Doc Text:
The Linux kernel is vulnerable to a memory leak in the drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() function. An attacker could exploit this to cause a potential denial of service.
Clone Of:
Environment:
Last Closed: 2019-08-06 13:18:45 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:2029 0 None None None 2019-08-06 12:04:02 UTC
Red Hat Product Errata RHSA-2019:2043 0 None None None 2019-08-06 12:06:23 UTC

Description Sam Fowler 2018-03-14 03:30:09 UTC 
The Linux kernel is vulnerable to a memory leak in the drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() function. An attacker could exploit this to cause a potential denial of service.

An upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51
Comment 1 Sam Fowler 2018-03-14 03:34:48 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1555147]
Comment 6 Fedora Update System 2018-03-20 17:35:14 UTC 
kernel-4.15.10-200.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
Comment 12 errata-xmlrpc 2019-08-06 12:04:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2029
Comment 13 errata-xmlrpc 2019-08-06 12:06:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2043
Comment 14 Product Security DevOps Team 2019-08-06 13:18:45 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2018-8087
Note You need to log in before you can comment on or make changes to this bug.