CVE-2018-17182

Source
Severity High
Remote No
Type Privilege escalation
Description
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Group Package Affected Fixed Severity Status Ticket
AVG-771 linux 4.18.8.arch1-1 4.18.9.arch1-1 High Fixed
References
https://www.exploit-db.com/exploits/45497/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2
https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2