CVE-2018-12928NULL Pointer Dereference in Ubuntu Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 75.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Canonical Ubuntu LinuxLinux KernelDebian Linux
Timeline
PublishedJun 28
Latest updateMay 14

Description

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

debiandebian/linux

Also affects: Ubuntu Linux 16.04.4

🔴Vulnerability Details

2
GHSA
GHSA-v3q7-v865-v6vx: In the Linux kernel 42022-05-14
OSV
CVE-2018-12928: In the Linux kernel 42018-06-28

📋Vendor Advisories

2
Red Hat
kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko2018-04-12
Debian
CVE-2018-12928: linux - In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext...2018

💬Community

2
Bugzilla
CVE-2018-12928 kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko2018-07-03
Bugzilla
CVE-2018-12928 kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko [fedora-all]2018-07-03