CVE-2018-12931

Опубликовано: 12 апр. 2018

Источник: redhat

CVSS3: 4.6

Описание

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

A flaw was found in ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2019:0641	26.03.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1597843kernel: stack-based out-of-bounds write in ntfs_attr_find in the ntfs.ko

4.6 Medium

CVSS3

Связанные уязвимости

CVE-2018-12931

CVSS3: 7.8

ubuntu

больше 7 лет назад

CVE-2018-12931

CVSS3: 7.8

nvd

больше 7 лет назад

CVE-2018-12931

CVSS3: 7.8

debian

больше 7 лет назад

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4. ...

GHSA-mw3m-9gpv-4mc5

CVSS3: 7.8

github

больше 3 лет назад

4.6 Medium

CVSS3