Oval Definition:oval:com.ubuntu.xenial:def:2018122330000000
Revision Date:2018-06-12Version:1
Title:CVE-2018-12233 on Ubuntu 16.04 LTS (xenial) - medium.
Description:In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr. Shankara Pailoor discovered that the JFS filesystem implementation in the Linux kernel contained a buffer overflow when handling extended attributes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-12233
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • linux package in xenial was vulnerable but has been fixed (note: '4.4.0-134.160').
  • OR linux-aws package in xenial was vulnerable but has been fixed (note: '4.4.0-1066.76').
  • OR linux-azure package in xenial was vulnerable but has been fixed (note: '4.15.0-1022.22~16.04.1').
  • OR linux-euclid: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needed ESM criteria').
  • OR linux-flo: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
  • OR linux-gcp package in xenial was vulnerable but has been fixed (note: '4.15.0-1018.19~16.04.2').
  • OR linux-gke: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage now end-of-life').
  • OR linux-goldfish: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage now end-of-life').
  • OR linux-hwe package in xenial was vulnerable but has been fixed (note: '4.15.0-33.36~16.04.1').
  • OR linux-kvm package in xenial was vulnerable but has been fixed (note: '4.4.0-1032.38').
  • OR linux-mako: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
  • OR linux-meta package in xenial was vulnerable but has been fixed (note: '4.4.0-134.160').
  • OR linux-meta-aws package in xenial was vulnerable but has been fixed (note: '4.4.0-1066.76').
  • OR linux-meta-azure package in xenial was vulnerable but has been fixed (note: '4.15.0-1022.22~16.04.1').
  • OR linux-meta-gcp package in xenial was vulnerable but has been fixed (note: '4.15.0-1018.19~16.04.2').
  • OR linux-meta-hwe package in xenial was vulnerable but has been fixed (note: '4.15.0-33.36~16.04.1').
  • OR linux-meta-kvm package in xenial was vulnerable but has been fixed (note: '4.4.0-1032.38').
  • OR linux-meta-raspi2 package in xenial was vulnerable but has been fixed (note: '4.4.0-1095.103').
  • OR linux-meta-snapdragon package in xenial was vulnerable but has been fixed (note: '4.4.0-1099.104').
  • OR linux-oem: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needed now end-of-life').
  • OR linux-raspi2 package in xenial was vulnerable but has been fixed (note: '4.4.0-1095.103').
  • OR linux-signed package in xenial was vulnerable but has been fixed (note: '4.4.0-134.160').
  • OR linux-signed-azure package in xenial was vulnerable but has been fixed (note: '4.15.0-1022.22~16.04.1').
  • OR linux-signed-gcp package in xenial was vulnerable but has been fixed (note: '4.15.0-1018.19~16.04.2').
  • OR linux-signed-hwe package in xenial was vulnerable but has been fixed (note: '4.15.0-33.36~16.04.1').
  • OR linux-snapdragon package in xenial was vulnerable but has been fixed (note: '4.4.0-1099.104').
    • BACK