An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
03 Nov 2022, 02:22
Type | Values Removed | Values Added |
---|---|---|
References | (DEBIAN) https://www.debian.org/security/2019/dsa-4497 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/108196 - Third Party Advisory, VDB Entry | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Aug/13 - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20190719-0003/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2019/dsa-4495 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.f5.com/csp/article/K11225249 - Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Aug/18 - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4076-1/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html - Mailing List, Third Party Advisory | |
First Time |
Canonical ubuntu Linux
Canonical Netapp vasa Provider For Clustered Data Ontap Opensuse leap Debian Netapp solidfire \& Hci Management Node Netapp snapprotect F5 traffix Signaling Delivery Controller Netapp active Iq Unified Manager Netapp storage Replication Adapter For Clustered Data Ontap Debian debian Linux Netapp Netapp hci Compute Node F5 Netapp solidfire \& Hci Storage Node Opensuse Netapp virtual Storage Console |
|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.0.0:*:*:*:*:*:*:* cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:-:*:*:*:*:vmware_vsphere:*:* |
Information
Published : 2019-05-07 14:29
Updated : 2023-12-10 12:59
NVD link : CVE-2018-20836
Mitre link : CVE-2018-20836
CVE.ORG link : CVE-2018-20836
JSON object : View
Products Affected
f5
- traffix_signaling_delivery_controller
netapp
- solidfire_\&_hci_management_node
- snapprotect
- virtual_storage_console
- storage_replication_adapter_for_clustered_data_ontap
- active_iq_unified_manager
- vasa_provider_for_clustered_data_ontap
- solidfire_\&_hci_storage_node
- hci_compute_node
linux
- linux_kernel
opensuse
- leap
debian
- debian_linux
canonical
- ubuntu_linux