DEBIAN-CVE-2018-16862

Advisory lineage Upstream: 1 Downstream: 2

Upstream

CVE-2018-16862

Downstream

DLA-1715-1 DLA-1731-1

Published: 26 Nov 2018, 19:29

Last modified:28 Apr 2026, 20:18

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

3.0 (osv_debian)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Nov 2018, 19:29

Published

Vulnerability first disclosed

28 Apr 2026, 20:18

Last Modified

Vulnerability information updated

Description

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

CVSS Metrics

v3.0•MEDIUM•Score: 5.5CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Systems

debian•linux
< 4.19.9-1 | < 4.19.9-1 | < 4.19.9-1 | < 4.19.9-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2018-16862