CVE-2018-1095

🗓️ 02 Apr 2018 03:00:00Reported by redhatType

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, causing denial of service

Reporter	Title	Published	Views	Family All 70
BDU FSTEC	The vulnerability of the ext4_xattr_checkEntries function in the Linux operating system’s kernel allows a hacker to cause a service failure.	25 May 201800:00	–	bdu_fstec
CNVD	Linux kernel denial of service vulnerability (CNVD-2018-08146)	2 Apr 201800:00	–	cnvd
Cvelist	CVE-2018-1095	2 Apr 201803:00	–	cvelist
Debian CVE	CVE-2018-1095	2 Apr 201803:00	–	debiancve
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1531)	14 May 201900:00	–	nessus
Tenable Nessus	RHEL 7 : kernel-alt (RHSA-2018:2948)	31 Oct 201800:00	–	nessus
Tenable Nessus	Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3695-1)	3 Jul 201800:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3695-2)	3 Jul 201800:00	–	nessus
Tenable Nessus	Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001654)	16 Jan 202600:00	–	nessus
Tenable Nessus	Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002860)	15 Jan 202600:00	–	nessus

NVD

Vulners

Node

linux linux_kernelRange≤4.15.15

[
  {
    "product": "Linux kernel through version 4.15",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Linux kernel through version 4.15"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
openwall	www.openwall.com/lists/oss-security/2018/03/29/1
bugzilla	www.bugzilla.kernel.org/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2018:2948
usn	www.usn.ubuntu.com/3695-2/
usn	www.usn.ubuntu.com/3695-1/

21 Nov 2024 03:59Current

5.1Medium risk

Vulners AI Score5.1

CVSS 35.5

CVSS 27.1

EPSS0.00153

CWE-476