Vulnerability Details : CVE-2018-12233
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.
Vulnerability category: OverflowMemory Corruption
Products affected by CVE-2018-12233
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Threat overview for CVE-2018-12233
Top countries where our scanners detected CVE-2018-12233
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2018-12233 22,745
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2018-12233!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2018-12233
0.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-12233
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-02-09 |
CWE ids for CVE-2018-12233
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-12233
-
https://usn.ubuntu.com/3754-1/
USN-3754-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/3752-2/
USN-3752-2: Linux kernel (HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/3752-1/
USN-3752-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/104452
Linux Kernel 'fs/jfs/xattr.c' Local Memory Corruption VulnerabilityThird Party Advisory;VDB Entry
-
https://lkml.org/lkml/2018/6/2/2
LKML: shankarapailoor: Re: Slab out of bounds in setxattrThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/3753-2/
USN-3753-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/3752-3/
USN-3752-3: Linux kernel (Azure, GCP, OEM) vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
[SECURITY] [DLA 1423-1] linux-4.9 new packageThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
[SECURITY] [DLA 1422-1] linux security updateThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
[SECURITY] [DLA 1422-2] linux security updateThird Party Advisory;VDB Entry
-
https://marc.info/?l=linux-kernel&m=152814391530549&w=2
'Re: Slab out of bounds in setxattr' - MARCThird Party Advisory
-
https://usn.ubuntu.com/3753-1/
USN-3753-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
Jump to