PT-2018-3798 · Linux+5 · Linux Kernel+5

Wen Xu

Publicado

2018-06-21

Atualizado

2021-04-13

CVE-2018-13095

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 4.17.3

Description An issue in the Linux kernel can cause a denial of service, resulting in memory corruption and a BUG, when encountering a corrupted xfs image with an inode in extent format that has more extents than fit in the inode fork. The vulnerability is related to a buffer overflow in memory, which can be exploited to cause a denial of service.

Recommendations For Linux kernel versions through 4.17.3, update to a version later than 4.17.3 to resolve the issue. As a temporary workaround, consider restricting access to corrupted xfs images to minimize the risk of exploitation.

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2018-1971

ALT-PU-2018-1976

ALT-PU-2019-1433

BDU:2022-03968

CESA-2019_2029

CVE-2018-13095

OPENSUSE-SU-2018_2738-1

OPENSUSE-SU-2018_3071-1

RHSA-2019:1350

RHSA-2019:2029

RHSA-2019:2043

RHSA-2019_2029

RHSA-2019_2043

SUSE-SU-2018:2775-1

SUSE-SU-2018:2776-1

SUSE-SU-2018:2858-1

SUSE-SU-2018:2862-1

SUSE-SU-2018:2980-1

SUSE-SU-2018:2981-1

SUSE-SU-2018:3084-1

SUSE-SU-2018:3961-1

USN-4904-1

USN-4907-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2018-3798 · Linux+5 · Linux Kernel+5

CVE-2018-13095

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 500