Lucene search

K
cve[email protected]CVE-2018-10878
HistoryJul 26, 2018 - 6:29 p.m.

CVE-2018-10878

2018-07-2618:29:00
CWE-787
web.nvd.nist.gov
225
cve-2018-10878
linux kernel
ext4 filesystem
out-of-bounds write
denial of service
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.0004 Low

EPSS

Percentile

10.0%

A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

Affected configurations

NVD
Node
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
Node
linuxlinux_kernelRange<3.16.58
OR
linuxlinux_kernelRange3.173.18.124
OR
linuxlinux_kernelRange3.194.4.140
OR
linuxlinux_kernelRange4.54.9.112
OR
linuxlinux_kernelRange4.104.14.55
OR
linuxlinux_kernelRange4.154.17.6
Node
debiandebian_linuxMatch8.0
Node
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_workstationMatch7.0

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "[UNKNOWN]",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.0004 Low

EPSS

Percentile

10.0%