Updated: 2023-12-06
CWE: Buffer Errors
Description:
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr.
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| Ubuntu 18.04 | 4.15.0-33.36 | USN-3752-1 |
| Ubuntu 16.04 HWE | 4.15.0-33.36~16.04.1 | USN-3752-2 |
| Ubuntu 18.04 GCP | 4.15.0-1018.19 | USN-3752-1 |
| Ubuntu 16.04 GCP | 4.15.0-1018.19~16.04.2 | USN-3752-3 |
| Ubuntu 18.04 Azure | 4.15.0-1022.23 | USN-3752-3 |
| Ubuntu 16.04 Azure | 4.15.0-1022.22~16.04.1 | USN-3752-3 |
| OS | Original kernel version | State |
|---|---|---|
| Ubuntu 18.04 |
4.15.0-24.26
show all
hide all
4.15.0-32.35
4.15.0-20.21
4.15.0-29.31
4.15.0-23.25
4.15.0-22.24
4.15.0-30.32
|
Released |
| Ubuntu 16.04 HWE |
4.15.0-29.31~16.04.1
show all
hide all
4.15.0-24.26~16.04.1
4.15.0-30.32~16.04.1
4.15.0-32.35~16.04.1
|
Released |
| Debian 9 |
4.9.82-1+deb9u2
show all
hide all
4.9.107-1
4.9.30-2+deb9u1
4.9.88-1
4.9.88-1+deb9u1
4.9.51-1
4.9.30-2+deb9u5
4.9.65-1
4.9.80-1
4.9.30-2+deb9u4
4.9.65-3+deb9u1
4.9.30-2+deb9u3
4.9.30-2+deb9u2
4.9.30-2
4.9.65-3+deb9u2
4.9.65-3
4.9.80-2
4.9.82-1+deb9u3
|
Released |
| Debian 8 backports |
4.9.30-2+deb9u2~bpo8+1
show all
hide all
4.9.30-2+deb9u5~bpo8+1
4.9.30-2~bpo8+1
4.9.51-1~bpo8+1
4.9.65-3+deb9u1~bpo8+1
4.9.65-3+deb9u2~bpo8+1
4.9.65-3~bpo8+1
4.9.82-1+deb9u3~bpo8+1
4.9.88-1+deb9u1~bpo8+1
4.9.88-1~bpo8+1
|
Released |
| Proxmox VE 5 |
4.15.18-1-pve_4.15.18-17
show all
hide all
4.15.18-1-pve_4.15.18-19
4.15.18-2-pve_4.15.18-21
4.15.10-1-pve_4.15.10-4
4.15.15-1-pve_4.15.15-6
4.15.17-1-pve_4.15.17-9
4.15.17-2-pve_4.15.17-10
4.15.18-1-pve_4.15.18-16
4.15.3-1-pve_4.15.3-1
4.15.18-1-pve_4.15.18-15
4.15.18-2-pve_4.15.18-20
4.15.17-3-pve_4.15.17-12
|
Released |
| Ubuntu 18.04 GCP |
4.15.0-1006.6
show all
hide all
4.15.0-1014.14
4.15.0-1015.15
4.15.0-1017.18
4.15.0-1009.9
4.15.0-1008.8
4.15.0-1010.10
|
Released |
| Ubuntu 16.04 GCP |
4.15.0-1017.18~16.04.1
show all
hide all
4.15.0-1014.14~16.04.1
4.15.0-1015.15~16.04.1
|
Released |
| Endurance 6 elrepo |
4.4.112-1.el6.elrepo
|
Released |
| Endurance 7 eig 4.14 | |
Ready For Release |
| Proofpoint | |
Ready For Release |
| Ubuntu 18.04 Azure |
4.15.0-1009.9
show all
hide all
4.15.0-1018.18
4.15.0-1014.14
4.15.0-1012.12
4.15.0-1021.21
4.15.0-1013.13
4.15.0-1019.19
|
Released |
| Ubuntu 16.04 Azure |
4.15.0-1019.19~16.04.1
show all
hide all
4.15.0-1014.14~16.04.1
4.15.0-1021.21~16.04.1
4.15.0-1018.18~16.04.1
4.15.0-1013.13~16.04.2
|
Released |
| Debian 10 cloud | |
Will Not Fix |
| Debian 9 backports | |
Will Not Fix |