A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
5.13.0-19.193.11.0-12.194.13.0-16.194.13.0-17.204.13.0-25.294.13.0-32.354.15.0-10.116.5.0-9.94.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-10.254.4.0-101.124+60 more4.4.0-119.1436.8.0-31.315.3.0-18.195.3.0-24.265.4.0-9.125.13.0-1005.64.4.0-1002.24.4.0-1003.34.4.0-1005.54.4.0-1006.64.4.0-1009.94.4.0-1010.104.4.0-1011.114.4.0-1012.124.4.0-1014.144.4.0-1016.164.15.0-1001.1Exploitability
AV:LAC:HPR:LUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H