Linux : Security Vulnerabilities, CVEs, Published In July 2018 (Denial of service)
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
Max CVSS
7.8
EPSS Score
0.06%
Published
2018-07-29
Updated
2019-04-23
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-07-28
Updated
2023-02-24
An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.
Max CVSS
5.5
EPSS Score
0.11%
Published
2018-07-03
Updated
2022-10-07
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.
Max CVSS
5.5
EPSS Score
0.17%
Published
2018-07-03
Updated
2019-08-13
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).
Max CVSS
5.5
EPSS Score
0.26%
Published
2018-07-03
Updated
2019-04-03
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.
Max CVSS
5.5
EPSS Score
0.25%
Published
2018-07-03
Updated
2022-10-07
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
Max CVSS
5.5
EPSS Score
0.18%
Published
2018-07-03
Updated
2020-08-24
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-07-02
Updated
2019-04-03
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-07-30
Updated
2023-02-12
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-07-27
Updated
2023-02-12
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-07-26
Updated
2023-02-12
Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.
Max CVSS
7.1
EPSS Score
0.11%
Published
2018-07-25
Updated
2023-02-13
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-07-26
Updated
2023-02-13
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-07-26
Updated
2023-10-05
14 vulnerabilities found