Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2018-13097

Published: 03/07/2018 Updated: 03/04/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Linux Kernel

Vulnerability Summary

An issue exists in fs/f2fs/super.c in the Linux kernel up to and including 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: CVE-2018-13097
A flaw was discovered in the F2FS filesystem code in fs/f2fs/superc in the Linux kernel An out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image can lead to a denial of service ...

References

CWE-125CWE-369https://bugzilla.kernel.org/show_bug.cgi?id=200171https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlhttps://usn.ubuntu.com/3932-2/https://usn.ubuntu.com/3932-1/https://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4118-1/https://seclists.org/bugtraq/2019/Jan/52http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.htmlhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9dc956b2c8523aed39d1e6508438be9fea28c8fchttp://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/4094-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook