CVE-2018-3689
https://notcve.org/view.php?id=CVE-2018-3689
AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM. El demonio AESM en Intel Software Guard Extensions Platform Software Component para Linux, en versiones anteriores a la 2.1.102, puede ser deshabilitado por un atacante local que cree una denegación de servicios (DoS) como la atestación remota proporcionada por el AESM. • https://cdrdv2.intel.com/v1/dl/getContent/685355 •
CVE-2018-1094 – kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1094
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. La función ext4_fill_super en fs/ext4/super.c en el kernel de Linux hasta la versión 4.15.15 no inicializa siempre el controlador de las sumas de verificación crc32c, lo que permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL en ext4_xattr_inode_hash y cierre inesperado del sistema) mediante una imagen ext4 manipulada. The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4_xattr_inode_hash() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image. • http://openwall.com/lists/oss-security/2018/03/29/1 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://bugzilla.kernel.org/show_bug.cgi?id=199183 https://bugzilla.redhat.com/show_bug.cgi?id=1560788 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=18db4b4e6fc31eda838dd1c1296d67dbcb3dc957 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.g • CWE-476: NULL Pointer Dereference •
CVE-2018-1095 – kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1095
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image. La función ext4_xattr_check_entries en fs/ext4/xattr.c en el kernel de Linux hasta la versión 4.15.15 no valida correctamente los tamaños de xattr, lo que provoca una malinterpretación de un tamaño como un código de error y, en consecuencia, permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL en get_acl y cierre inesperado del sistema) mediante una imagen ext4 manipulada. The Linux kernel is vulnerable to an out-of-bound access bug in the fs/posix_acl.c:get_acl() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a system crash or other unspecified impact with a crafted ext4 image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://openwall.com/lists/oss-security/2018/03/29/1 https://access.redhat.com/errata/RHSA-2018:2948 https://bugzilla.kernel.org/show_bug.cgi?id=199185 https://bugzilla.redhat.com/show_bug.cgi?id=1560793 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=ce3fd194fcc6fbdc00ce095a852f22df97baa401 https://usn.ubuntu.com/3695-1 https://usn.ubuntu.com/3695-2 https://access.redhat.com/security/cve/CVE-2018-1095 • CWE-476: NULL Pointer Dereference •
CVE-2018-1092 – kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1092
The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. La función ext4_iget en fs/ext4/inode.c en el kernel de Linux hasta la versión 4.15.15 gestiona de manera incorrecta el caso de un directorio root con un i_lnks_count igual a cero, lo que permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL en ext4_process_freed_data y OOPS) mediante una imagen ext4 manipulada. The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic. • http://openwall.com/lists/oss-security/2018/03/29/1 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://bugzilla.kernel.org/show_bug.cgi?id=199179 https://bugzilla.kernel.org/show_bug.cgi?id=199275 https://bugzilla.redhat.com/show_bug.cgi?id=1560777 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44 https://l • CWE-476: NULL Pointer Dereference •
CVE-2018-1093
https://notcve.org/view.php?id=CVE-2018-1093
The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. La función ext4_valid_block_bitmap en fs/ext4/balloc.c en el kernel de Linux hasta la versión 4.15.15 permite que los atacantes provoquen un denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) mediante una imagen ext4 manipulada dado que balloc.c y ialloc.c no validan los números de los bloques de mapa de bits. • http://openwall.com/lists/oss-security/2018/03/29/1 https://bugzilla.kernel.org/show_bug.cgi?id=199181 https://bugzilla.redhat.com/show_bug.cgi?id=1560782 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https:// • CWE-125: Out-of-bounds Read •