PT-2018-12615 · Linux+2 · Linux Kernel+2

Wen Xu · Published 2018-07-27 · Updated 2019-09-02 · CVE-2018-14609

CVSS v2.0: 7.1 High

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 4.17.11

Description

An invalid pointer dereference exists in the __del_reloc_root() function in fs/btrfs/relocation.c in the Linux kernel. It occurs when mounting a crafted btrfs image and is related to removing reloc rb_trees when reloc control has not been initialized.

Recommendations

Update Linux kernel versions prior to 4.17.11 to version 4.17.11 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted btrfs images until the issue is resolved. Restrict access to the fs/btrfs/relocation.c module to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

ALT-PU-2018-2092
ALT-PU-2018-2094
ALT-PU-2019-1433
CVE-2018-14609
DLA-1529-1
DLA-1531-1
DSA-4308-1
USN-3821-1
USN-3821-2
USN-4094-1
USN-4118-1

Affected Products

Alt Linux
Linux Kernel
Ubuntu