Out-of-Bounds Write Vulnerability in Linux Kernel's Ext4 Filesystem
CVE-2018-10882

4.8MEDIUM

Key Information:

Vendor: [unknown]
Status: Kernel
Vendor: CVE Published:; 27 July 2018

What is CVE-2018-10882?

A vulnerability exists in the ext4 filesystem of the Linux kernel, where a crafted filesystem image can allow a local user to perform out-of-bounds writes. This flaw may lead to a denial of service, causing unexpected system crashes when the manipulated filesystem is unmounted. Timely updates and patches from the vendor are crucial to mitigate these risks.

Affected Version(s)

kernel

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10882

x_refsource_CONFIRM

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/...

x_refsource_CONFIRM

https://usn.ubuntu.com/3753-2/

vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

CVSS V3.0

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 27, 2018
Vulnerability Reserved
May 9, 2018

CVE-2018-10882 Data

JSON

[unknown]

What is CVE-2018-10882?

Affected Version(s)

References

CVSS V3.1

CVSS V3.0

Timeline