Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs.ko Filesystem Driver

Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs.ko Filesystem Driver

CVE-2018-12930 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.