Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs_attr_find Function

Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs_attr_find Function

CVE-2018-12931 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.