{ "CVE_data_meta" : { "ASSIGNER" : "secalert@redhat.com", "ID" : "CVE-2018-1093", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "Linux kernel through version 4.15", "version" : { "version_data" : [ { "version_value" : "Linux kernel through version 4.15" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "out-of-bounds read" } ] } ] }, "references" : { "reference_data" : [ { "name" : "[debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update", "refsource" : "MLIST", "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html" }, { "name" : "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", "refsource" : "MLIST", "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html" }, { "name" : "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", "refsource" : "MLIST", "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html" }, { "name" : "http://openwall.com/lists/oss-security/2018/03/29/1", "refsource" : "MISC", "url" : "http://openwall.com/lists/oss-security/2018/03/29/1" }, { "name" : "https://bugzilla.kernel.org/show_bug.cgi?id=199181", "refsource" : "MISC", "url" : "https://bugzilla.kernel.org/show_bug.cgi?id=199181" }, { "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1560782", "refsource" : "MISC", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1560782" }, { "name" : "https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f", "refsource" : "MISC", "url" : "https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f" }, { "name" : "DSA-4188", "refsource" : "DEBIAN", "url" : "https://www.debian.org/security/2018/dsa-4188" }, { "name" : "USN-3676-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3676-1/" }, { "name" : "USN-3676-2", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3676-2/" }, { "name" : "USN-3752-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3752-1/" }, { "name" : "USN-3752-2", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3752-2/" }, { "name" : "USN-3754-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3754-1/" }, { "name" : "USN-3752-3", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3752-3/" } ] } }