ALT-PU-2018-1661-1
Package kernel-image-std-pae updated to version 4.4.131-alt1 for branch sisyphus in task 205624.
Closed vulnerabilities
Published: 2018-03-26
BDU:2018-00715
Уязвимость функции ext4_valid_block_bitmap ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2018-04-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-1093
The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.
Severity: MEDIUM (5.5)
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://openwall.com/lists/oss-security/2018/03/29/1
- http://openwall.com/lists/oss-security/2018/03/29/1
- https://bugzilla.kernel.org/show_bug.cgi?id=199181
- https://bugzilla.kernel.org/show_bug.cgi?id=199181
- https://bugzilla.redhat.com/show_bug.cgi?id=1560782
- https://bugzilla.redhat.com/show_bug.cgi?id=1560782
- https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f
- https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f
- [debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update
- [debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update
- [debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update
- [debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update
- [debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update
- [debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update
- USN-3676-1
- USN-3676-1
- USN-3676-2
- USN-3676-2
- USN-3752-1
- USN-3752-1
- USN-3752-2
- USN-3752-2
- USN-3752-3
- USN-3752-3
- USN-3754-1
- USN-3754-1
- DSA-4188
- DSA-4188