First published: Fri Jun 29 2018(Updated: )
A flaw was found in Linux kernel ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and so a denial of service or possibly unspecified other impact by when renaming a file in a crafted ext4 filesystem image. References: <a href="https://bugzilla.kernel.org/show_bug.cgi?id=200001">https://bugzilla.kernel.org/show_bug.cgi?id=200001</a> Upstream patches: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=513f86d73855ce556ea9522b6bfd79f87356dc3a">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=513f86d73855ce556ea9522b6bfd79f87356dc3a</a>
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Linux Linux kernel | <4.17.6 | |
Debian Debian Linux | =8.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Google Android | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.106-3 6.1.112-1 6.11.4-1 6.11.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.