ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
References
Link | Resource |
---|---|
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403 | Issue Tracking Third Party Advisory |
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/104588 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2019:0641 | Third Party Advisory |
Information
Published : 2018-06-28 07:29
Updated : 2019-03-26 06:35
NVD link : CVE-2018-12929
Mitre link : CVE-2018-12929
JSON object : View
CWE
CWE-416
Use After Free
Products Affected
canonical
- ubuntu_linux
linux
- linux_kernel