Out-of-Bounds Read and System Crash Vulnerability in ext4_valid_block_bitmap Function

Out-of-Bounds Read and System Crash Vulnerability in ext4_valid_block_bitmap Function

CVE-2018-1093 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.