CVE-2018-12233Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer19 documents7 sources
Severity
7.8HIGHNVD
OSV5.5OSV4.3
EPSS
0.1%
top 75.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian LinuxCanonical Ubuntu Linux
Timeline
PublishedJun 12
Latest updateMay 14

Description

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel2.6.123.16.58+5
Debianlinux/linux_kernel< 4.17.3-1+3
Ubuntulinux/linux_kernel< 3.13.0-157.207+2
debiandebian/linux< linux 4.17.3-1 (bookworm)

Also affects: Ubuntu Linux 14.04, 16.04, 18.04

🔴Vulnerability Details

8
GHSA
GHSA-wwc3-55gv-x4c8: In the ea_get function in fs/jfs/xattr2022-05-14
OSV
linux-azure, linux-oem, linux-gcp vulnerabilities2018-08-28
OSV
linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities2018-08-24
OSV
linux vulnerabilities2018-08-24
OSV
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities2018-08-24

📋Vendor Advisories

8
Ubuntu
Linux kernel (Azure, GCP, OEM) vulnerabilities2018-08-28
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities2018-08-24
Ubuntu
Linux kernel vulnerabilities2018-08-24
Ubuntu
Linux kernel vulnerabilities2018-08-24
Ubuntu
Linux kernel (HWE) vulnerabilities2018-08-24

💬Community

2
Bugzilla
CVE-2018-12233 kernel: Memory corruption in JFS setattr2018-06-12
Bugzilla
CVE-2018-12233 kernel: Memory corruption in JFS setattr [fedora-all]2018-06-12