CVE-2018-10881
published 2018-07-26CVE-2018-10881: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and…
medium5.5CVSS 3.0
AVLACLPRLUINSUCNINAH
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 4.17.3-1 (bookworm) | linux 4.17.3-1 (bookworm) |
| linux | linux_kernel | < 4.17.6 | 4.17.6 |
| linux | linux_kernel | >= 0 < 4.17.3-1 | 4.17.3-1 |
| linux | linux_kernel | >= 0 < 4.17.3-1 | 4.17.3-1 |
| linux | linux_kernel | >= 0 < 4.17.3-1 | 4.17.3-1 |
| linux | linux_kernel | >= 0 < 4.17.3-1 | 4.17.3-1 |
| linux | linux_kernel | >= 0 < 3.13.0-157.207 | 3.13.0-157.207 |
| linux | linux_kernel | >= 0 < 4.4.0-134.160 | 4.4.0-134.160 |
| linux | linux_kernel | >= 0 < 4.15.0-33.36 | 4.15.0-33.36 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_for_real_time | — | — |
| redhat | enterprise_linux_for_real_time_for_nfv | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv7.8HIGH