PT-2018-3499 · Linux+3 · Linux Kernel+3

Publicado

2018-05-15

Atualizado

2020-03-02

CVE-2018-20976

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18

Description: The issue is related to a use after free in the fs/xfs/xfs super.c component of the Linux kernel. This could allow an attacker to gain unauthorized access to information and compromise its integrity and availability. The problem is associated with the failure of xfs fs fill super.

Recommendations: For Linux kernel versions prior to 4.18, update to version 4.18 or later to resolve the issue. As a temporary workaround, consider restricting access to the xfs fs fill super function until a patch is available.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2018-2192

ALT-PU-2018-2210

ALT-PU-2019-1433

BDU:2020-02916

CVE-2018-20976

DLA-1930-1

DLA-2114-1

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2020:0178

RHSA-2020:0543

RHSA-2020:0592

RHSA-2020:0609

RHSA-2020:0661

SUSE-SU-2019:14218-1

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

SUSE-SU-2019:2949-1

SUSE-SU-2019:2950-1

SUSE-SU-2019:2984-1

SUSE-SU-2019_14218-1

USN-4144-1

USN-4145-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2018-3499 · Linux+3 · Linux Kernel+3

CVE-2018-20976

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 676