CVE-2018-10880

CVSS v3.0 5.5 (Medium)

CVSS v2.0 7.1 (High)

EPSS 0.11 % (45^th)

Affected Products 4

Advisories 18

Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

Weaknesses

CWE-787: Out-of-bounds Write

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2018-07-25 13:29:00
(6 years ago)
Updated Date: 2023-02-13 04:51:36
(19 months ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #2

		CPE23	From	Up To
	Linux Kernel prior 4.17.6 version	cpe:2.3:o:linux:linux_kernel		< 4.17.6

Configuration #3

		CPE23	From	Up To
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0

Configuration #4

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts

Weaknesses

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4