CVE-2018-16597

Опубликовано: 21 сент. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
http://www.securityfocus.com/bid/105394
Third Party Advisory
VDB Entry
https://bugzilla.suse.com/show_bug.cgi?id=1106512
Issue Tracking
Patch
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862
Patch
Third Party Advisory
https://seclists.org/bugtraq/2019/Jul/33
https://security.netapp.com/advisory/ntap-20190204-0001/
Patch
Third Party Advisory
https://support.f5.com/csp/article/K22691834
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
http://www.securityfocus.com/bid/105394
Third Party Advisory
VDB Entry
https://bugzilla.suse.com/show_bug.cgi?id=1106512
Issue Tracking
Patch
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862
Patch
Third Party Advisory
https://seclists.org/bugtraq/2019/Jul/33
https://security.netapp.com/advisory/ntap-20190204-0001/
Patch
Third Party Advisory
https://support.f5.com/csp/article/K22691834
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 4.8 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00088

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

CVE-2018-16597

CVSS3: 5.5

ubuntu

больше 7 лет назад

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

CVE-2018-16597

CVSS3: 5.3

redhat

больше 7 лет назад

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

CVE-2018-16597

CVSS3: 5.5

debian

больше 7 лет назад

An issue was discovered in the Linux kernel before 4.8. Incorrect acce ...

GHSA-8j89-mf7f-m8q3

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

SUSE-SU-2018:3004-1

suse-cvrf

больше 7 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 25%

0.00088

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-863