CVE-2018-11412
MEDIUM5.9EPSS 11.2%發布日:2018/5/24修改日:2026/4/28
也稱為:DEBIAN-CVE-2018-11412
描述
In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.
受影響套件(1)
- Debian/linuxfrom 0, < 4.17.3-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |