CVE-2017-18200

Опубликовано: 01 окт. 2017

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.

The f2fs implementation in the Linux kernel, before 4.14, mishandles reference counts associated with f2fs_wait_discard_bios calls. This allows local users to cause a denial of service (BUG), as demonstrated by fstrim.

Отчет

This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE, as the code with the flaw is not built and shipped in the products listed.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-617

https://bugzilla.redhat.com/show_bug.cgi?id=1549586kernel: mishandling reference counts associated with f2fs_wait_discard_bios calls allowing local attacker to cause denial of service

EPSS

Процентиль: 13%

0.00042

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2017-18200

CVSS3: 5.5

ubuntu

почти 8 лет назад

CVE-2017-18200

CVSS3: 5.5

nvd

почти 8 лет назад

CVE-2017-18200

CVSS3: 5.5

debian

почти 8 лет назад

The f2fs implementation in the Linux kernel before 4.14 mishandles ref ...

GHSA-j9rw-gf83-2qrw

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 13%

0.00042

Низкий

5.5 Medium

CVSS3