CVE-2018-10878

CVSS v3.1 7.8 (High)

CVSS v2.0 6.1 (Medium)

EPSS 0.04 % (11^th)

Affected Products 6

Advisories 22

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

Weaknesses

CWE-787: Out-of-bounds Write

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2018-07-26 18:29:00
(6 years ago)
Updated Date: 2023-10-05 14:15:54
(11 months ago)

Affected Products

Redhat

Configuration #1

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts

Configuration #2

	CPE23	From	Up To
Linux Kernel prior 3.16.58 version	cpe:2.3:o:linux:linux_kernel		< 3.16.58
Linux Kernel from 3.17 version and prior 3.18.124 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.124
Linux Kernel from 3.19 version and prior 4.4.140 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.4.140
Linux Kernel from 4.5 version and prior 4.9.112 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.9.112
Linux Kernel from 4.10 version and prior 4.14.55 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.14.55
Linux Kernel from 4.15 version and prior 4.17.6 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.17.6

Configuration #3

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #4

		CPE23	From	Up To
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Weaknesses

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4