Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-18690

Опубликовано: 15 мар. 2018
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelWill not fix
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2018:309630.10.2018
Red Hat Enterprise Linux 7kernelFixedRHSA-2018:308330.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-391
https://bugzilla.redhat.com/show_bug.cgi?id=1643988kernel: filesystem corruption due to an unchecked error condition during an xfs attribute change

EPSS

Процентиль: 26%
0.00086
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-18690

CVSS3: 5.5
ubuntu
почти 7 лет назад

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.

nvd логотип

CVE-2018-18690

CVSS3: 5.5
nvd
почти 7 лет назад

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.

debian логотип

CVE-2018-18690

CVSS3: 5.5
debian
почти 7 лет назад

In the Linux kernel before 4.17, a local attacker able to set attribut ...

github логотип

GHSA-pw76-34wq-mpfr

CVSS3: 5.5
github
около 3 лет назад

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.

fstec логотип

BDU:2019-01345

CVSS3: 5.5
fstec
больше 7 лет назад

Уязвимость функции xfs_attr_shortform_addname реализации файловой системы XFS операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 26%
0.00086
Низкий

5.5 Medium

CVSS3