CVE-2018-12931

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux Kernel; Ubuntu Linux
Vendor: CVE Published:; 28 June 2018

Summary

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

References

https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2

x_refsource_MISC

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403

x_refsource_MISC

http://www.securityfocus.com/bid/104588

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 28, 2018
Vulnerability Reserved
Jun 28, 2018

Collectors

NVD DatabaseMitre Database

.