CVE-2018-1718 new Linux Kernel flaw

999 Views

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718.

The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. The vulnerability was introduced in August 2014 with the release of version 3.16 of the Linux kernel.

The issue could be exploited by an attacker trigger a DoS condition or to execute arbitrary code with root privileges on the vulnerable system.

The expert reported the flaws to Linux kernel development team on September 12 and they fixed it in just two days later.

poc

Leave a Reply

Your email address will not be published. Required fields are marked *