Medium
Canonical Ubuntu
It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976)
Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)
CVEs contained in this USN include: CVE-2018-20976, CVE-2019-15538
Severity is medium unless otherwise noted.
Users of affected products are strongly encouraged to follow one of the mitigations below: