Published: 04/04/2018 Updated: 04/07/2018

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The __get_data_block function in fs/f2fs/data.c in the Linux kernel prior to 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 9.0

Several security issues were fixed in the Linux kernel ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read mem ...

CWE-190 https://github.com/torvalds/linux/commit/b86e33075ed1909d8002745b56ecf73b833db143 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b86e33075ed1909d8002745b56ecf73b833db143 https://www.debian.org/security/2018/dsa-4188 https://usn.ubuntu.com/3696-2/https://usn.ubuntu.com/3696-1/https://nvd.nist.gov https://usn.ubuntu.com/3696-1/

CVE-2017-18257

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect