Lucene search

Veracode Vulnerability DatabaseVERACODE:19513

HistoryMay 16, 2019 - 3:18 a.m.

Memory Corruption

2019-05-1603:18:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

JSON

Linux kernel is vulnerable to memory corruption attacks. An attacker could exploit a flaw in the ext4 filesystem to cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

CPENameOperatorVersion
kerneleq3.10.0__862.el7
kerneleq3.10.0__693.el7
kerneleq3.10.0__693.5.2.p7ih.el7
kerneleq3.10.0__514.16.1.el7
kerneleq3.10.0__862.2.3.el7
kerneleq3.10.0__514.21.2.el7
kerneleq3.10.0__693.21.1.el7
kerneleq3.10.0__693.11.6.el7
kerneleq3.10.0__862.11.6.el7
kerneleq3.10.0__514.26.2.el7

Name	Operator	Version
kernel	eq	3.10.0__862.el7
kernel	eq	3.10.0__693.el7
kernel	eq	3.10.0__693.5.2.p7ih.el7
kernel	eq	3.10.0__514.16.1.el7
kernel	eq	3.10.0__862.2.3.el7
kernel	eq	3.10.0__514.21.2.el7
kernel	eq	3.10.0__693.21.1.el7
kernel	eq	3.10.0__693.11.6.el7
kernel	eq	3.10.0__862.11.6.el7
kernel	eq	3.10.0__514.26.2.el7

Rows per page:

1-10 of 541

References

patchwork.ozlabs.org/patch/929237/

patchwork.ozlabs.org/patch/929238/

access.redhat.com/articles/3553061

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index

access.redhat.com/errata/RHSA-2018:2948

access.redhat.com/errata/RHSA-2018:3083

access.redhat.com/errata/RHSA-2018:3096

access.redhat.com/security/cve/CVE-2017-18360

access.redhat.com/security/cve/CVE-2018-10878

access.redhat.com/security/cve/CVE-2018-18690

access.redhat.com/security/updates/classification/#important

bugzilla.kernel.org/show_bug.cgi?id=199865

bugzilla.redhat.com/show_bug.cgi?id=1322930

bugzilla.redhat.com/show_bug.cgi?id=1488484

bugzilla.redhat.com/show_bug.cgi?id=1504058

bugzilla.redhat.com/show_bug.cgi?id=1507027

bugzilla.redhat.com/show_bug.cgi?id=1542494

bugzilla.redhat.com/show_bug.cgi?id=1557434

bugzilla.redhat.com/show_bug.cgi?id=1557599

bugzilla.redhat.com/show_bug.cgi?id=1558328

bugzilla.redhat.com/show_bug.cgi?id=1561162

bugzilla.redhat.com/show_bug.cgi?id=1563697

bugzilla.redhat.com/show_bug.cgi?id=1564186

bugzilla.redhat.com/show_bug.cgi?id=1568167

bugzilla.redhat.com/show_bug.cgi?id=1572983

bugzilla.redhat.com/show_bug.cgi?id=1584775

bugzilla.redhat.com/show_bug.cgi?id=1592654

bugzilla.redhat.com/show_bug.cgi?id=1596802

bugzilla.redhat.com/show_bug.cgi?id=1609717

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10878

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77260807d1170a8cf35dbb06e07461a655f67eee

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=819b23f1c501b17b9694325471789e6b5cc2d0d2

lists.debian.org/debian-lts-announce/2018/07/msg00020.html

usn.ubuntu.com/3753-1/

usn.ubuntu.com/3753-2/

usn.ubuntu.com/3871-1/

usn.ubuntu.com/3871-3/

usn.ubuntu.com/3871-4/

usn.ubuntu.com/3871-5/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

JSON

Related for VERACODE:19513