Invalid Pointer Dereference in Btrfs Root Node Mounting Vulnerability

Invalid Pointer Dereference in Btrfs Root Node Mounting Vulnerability

CVE-2018-14612 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.