Описание
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitIssue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitIssue TrackingThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
7.1 High
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
An issue was discovered in the Linux kernel through 4.17.10. There is ...
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
Уязвимость функции try_merge_free_space() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3
7.1 High
CVSS2