Lucene search

K

RedhatCVELIST:CVE-2018-10880

HistoryJul 25, 2018 - 1:00 p.m.

CVE-2018-10880

2018-07-2513:00:00

CWE-787

redhat

www.cve.org

1

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.7%

Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "[UNKNOWN]",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

patchwork.ozlabs.org/patch/930639/

www.securityfocus.com/bid/104907

www.securityfocus.com/bid/106503

access.redhat.com/errata/RHSA-2018:2948

bugzilla.kernel.org/show_bug.cgi?id=200005

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10880

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8cdb5240ec5928b20490a2bb34cb87e9a5f40226

lists.debian.org/debian-lts-announce/2018/07/msg00020.html

usn.ubuntu.com/3821-1/

usn.ubuntu.com/3821-2/

usn.ubuntu.com/3871-1/

usn.ubuntu.com/3871-3/

usn.ubuntu.com/3871-4/

usn.ubuntu.com/3871-5/

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.7%

Related for CVELIST:CVE-2018-10880

prion1 ubuntucve1 redhatcve1 debiancve1 cve1 nvd1 openvas26 ubuntu7 cloudfoundry2 nessus23 photon1 suse2 mageia3 debian1 osv2 slackware1 redhat1 ibm1 lenovo1