Back to search
CVE-2018-18690
Published: Oct 26, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-3848-2
vendor-advisory
x_refsource_UBUNTU
USN-3847-1
vendor-advisory
x_refsource_UBUNTU
USN-3847-2
vendor-advisory
x_refsource_UBUNTU
USN-3849-1
vendor-advisory
x_refsource_UBUNTU
USN-3849-2
vendor-advisory
x_refsource_UBUNTU
USN-3848-1
vendor-advisory
x_refsource_UBUNTU
USN-3847-3
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.suse.com/show_bug.cgi?id=1105025
x_refsource_MISC
105753
vdb-entry
x_refsource_BID
https://bugzilla.kernel.org/show_bug.cgi?id=199119
x_refsource_MISC
[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now