Lucene search

K
redhatcveRedhat.comRH:CVE-2018-11412
HistoryMay 25, 2018 - 1:18 a.m.

CVE-2018-11412

2018-05-2501:18:43
redhat.com
access.redhat.com
13

EPSS

0.031

Percentile

91.1%

The fs/ext4/inline.c:ext4_read_inline_data() function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or possible privilege escalation.