CVE-2018-1093

CVSS v3.0 5.5 (Medium)

CVSS v2.0 7.1 (High)

EPSS 0.23 % (62^th)

Affected Products 1

Advisories 16

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.

Weaknesses

CWE-125: Out-of-bounds Read

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2018-04-02 03:29:00
(6 years ago)
Updated Date: 2018-08-29 10:29:03
(6 years ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 4.15.15 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 4.15.15