In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References: Upstream kernel.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2018226]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This was fixed for Fedora with the 4.15.15 stable update.