CVE-2018-12931 - OpenCVE

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Linux	Linux Kernel
Redhat	Enterprise Mrg

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:16.04.4::::lts:::
	cpe:2.3:o:linux:linux_kernel:4.15:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-693.46.1.rt56.639.el6rt	cpe:/a:redhat:enterprise_mrg:2:server:el6	RHSA-2019:0641	2019-03-26T00:00:00Z

References

Link	Providers
http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
https://nvd.nist.gov/vuln/detail/CVE-2018-12931
https://www.cve.org/CVERecord?id=CVE-2018-12931

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-06-28T14:00:00

Updated: 2024-08-05T08:45:02.565Z

Reserved: 2018-06-28T00:00:00

Link: CVE-2018-12931

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-06-28T14:29:00.510

Modified: 2019-03-26T13:35:20.957

Link: CVE-2018-12931

Redhat

Severity : Low

Publid Date: 2018-04-12T00:00:00Z

Links: CVE-2018-12931 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-06-28T00:00:00", "descriptions": [{"lang": "en", "value": "ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-03-26T10:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"}, {"name": "104588", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104588"}, {"name": "RHSA-2019:0641", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0641"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12931", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2", "refsource": "MISC", "url": "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"}, {"name": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403", "refsource": "MISC", "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"}, {"name": "104588", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104588"}, {"name": "RHSA-2019:0641", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0641"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:45:02.565Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"}, {"name": "104588", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104588"}, {"name": "RHSA-2019:0641", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0641"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-12931", "datePublished": "2018-06-28T14:00:00", "dateReserved": "2018-06-28T00:00:00", "dateUpdated": "2024-08-05T08:45:02.565Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:lts:*:*:*", "matchCriteriaId": "07D7E90D-91CC-4AB1-AAEB-6F3BD90FF8FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "380E55F5-238D-4FBB-8DB1-DB10EFC37CD0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem."}, {"lang": "es", "value": "ntfs_attr_find en el controlador en el sistema de archivos ntfs.ko en el kernel de Linux 4.15.0 permite que los atacantes desencadenen una escritura fuera de l\u00edmites basada en la pila de memoria y provoquen una denegaci\u00f3n de servicio (OOPS o p\u00e1nico del kernel) o, posiblemente, provoquen otro impacto no especificado mediante un sistema de archivos ntfs manipulado."}], "id": "CVE-2018-12931", "lastModified": "2019-03-26T13:35:20.957", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-28T14:29:00.510", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104588"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0641"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0641", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.46.1.rt56.639.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2019-03-26T00:00:00Z"}], "bugzilla": {"description": "kernel: stack-based out-of-bounds write in ntfs_attr_find in the ntfs.ko", "id": "1597843", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597843"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.6", "cvss3_scoring_vector": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.", "A flaw was found in ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely."], "name": "CVE-2018-12931", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-04-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-12931\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-12931"], "threat_severity": "Low"}