DEBIAN-CVE-2018-13098

An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service slab out-of-bounds read and BUG can occur for a modified f2fs filesystem image in which FIEXTRAATTR is set in an inode...

DEBIAN-CVE-2018-13094

An issue was discovered in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfsdashrinkinode is called with a NULL bp...

DEBIAN-CVE-2018-13095

An issue was discovered in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.17.3. A denial of service memory corruption and BUG can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork...

CVE-2018-13095

An issue was discovered in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.17.3. A denial of service memory corruption and BUG can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

CVE-2018-13093

CVE-2018-13093 relates to a NULL pointer dereference in Linux kernel fs/xfs/xfs_icache.c during pathwalks on a corrupted XFS image, caused by missing validation that cached inodes are freed during allocation. Impact: potential crash/DoS. Remediation: Debian LTS advisory DLA-2114-1 lists this CVE ...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

CVE-2018-13095

CVE-2018-13095 affects the Linux kernel up to 4.17.3 in fs/xfs/libxfs/xfs_inode_buf.c. A corrupted XFS image with an inode in extent format that has more extents than fit in the inode fork can trigger memory corruption and a bug (DoS). The connected advisories (Unity Linux, various Nessus plugins...

Linux kernel denial of service vulnerability (CNVD-2018-12668)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in fs/f2fs/inode.c in 4.17.3 and earlier versions of the Linux kernel. An...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

UBUNTU-CVE-2018-13099

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service out-of-bounds memory access and BUG can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr...

UBUNTU-CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

UBUNTU-CVE-2018-13098

An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service slab out-of-bounds read and BUG can occur for a modified f2fs filesystem image in which FIEXTRAATTR is set in an inode...

Linux kernel denial of service vulnerability (CNVD-2018-12665)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in fs/xfs/libxfs/xfsinodebuf.c in 4.17.3 and earlier versions of the Linux...

kernel: vfs: BUG in truncate_inode_pages_range() and fuse client

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary...

Linux ext4: out-of-bounds memcpy via non-inline system.data xattr(CVE-2018-11412)

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

Linux Kernel ext4_read_inline_data() Memory Corruption

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

Linux Kernel 4.16.11 - ext4_read_inline_data() Memory Corruption

Linux Kernel 4.16.11 - ext4readinlinedata Memory Corruption ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in...

Linux Kernel 4.16.11 #LinuxKernel - #ext4_read_inline_data() Memory Corruption Exploit

Exploit for linux platform in category dos / poc ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode...

Linux Kernel < 4.16.11 - 'ext4_read_inline_data()' Memory Corruption

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...