CVE-2017-18249

HIGH7.0EPSS 0.07%

linux-4.9 - security update

發布日:2018/3/26修改日:2026/4/28

描述

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.

受影響套件(2)

Debian/linuxfrom 0, < 4.12.6-1
Debian/linux-4.9from 0, < 4.9.144-3.1~deb8u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.0	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-18249