Use-after-free vulnerability in ucma_leave_multicast in Linux kernel through 4.17.11

Use-after-free vulnerability in ucma_leave_multicast in Linux kernel through 4.17.11

CVE-2018-14734 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:C

drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.