CVE-2018-12233 — HIGH (7.8)

Q: How severe is CVE-2018-12233?

CVE-2018-12233 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-12233?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.

Vulnerability Description

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	>= 2.6.12, < 3.16.58
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-119

References

http://www.securityfocus.com/bid/104452Third Party AdvisoryVDB Entry
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.htmlThird Party AdvisoryVDB Entry
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.htmlThird Party AdvisoryVDB Entry
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlThird Party AdvisoryVDB Entry
https://lkml.org/lkml/2018/6/2/2Third Party AdvisoryVDB Entry
https://marc.info/?l=linux-kernel&m=152814391530549&w=2Third Party Advisory
https://usn.ubuntu.com/3752-1/Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3752-2/Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3752-3/Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3753-1/Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3753-2/Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3754-1/Third Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/104452Third Party AdvisoryVDB Entry
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.htmlThird Party AdvisoryVDB Entry
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.htmlThird Party AdvisoryVDB Entry

FAQ

What is CVE-2018-12233?

CVE-2018-12233 is a vulnerability with a CVSS score of 7.8 (HIGH). In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on th...

How severe is CVE-2018-12233?

CVE-2018-12233 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-12233?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux.