PT-2018-12615 · Linux+2 · Linux Kernel+2

Wen Xu

Publicado

2018-07-27

Atualizado

2019-09-02

CVE-2018-14609

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.17.11

Description An issue exists in the Linux kernel where there is an invalid pointer dereference in the del reloc root() function in fs/btrfs/relocation.c. This occurs when mounting a crafted btrfs image and is related to removing reloc rb trees when reloc control has not been initialized.

Recommendations For Linux kernel versions prior to 4.17.11, update to version 4.17.11 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted btrfs images until the issue is resolved. Restrict access to the fs/btrfs/relocation.c module to minimize the risk of exploitation.

Exploit

Correção

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2018-2092

ALT-PU-2018-2094

ALT-PU-2019-1433

CVE-2018-14609

DLA-1529-1

DLA-1531-1

DSA-4308-1

USN-3821-1

USN-3821-2

USN-4094-1

USN-4118-1

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2018-12615 · Linux+2 · Linux Kernel+2

CVE-2018-14609

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 91