UBUNTU-CVE-2018-13098

Advisory lineage Upstream: 1 Downstream: 2
Upstream
CVE-2018-13098
Published: 03 Jul 2018, 00:00
Last modified:20 May 2026, 16:03

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 Jul 2018, 00:00
Published
Vulnerability first disclosed
20 May 2026, 16:03
Last Modified
Vulnerability information updated

Description

An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.

CVSS Metrics

  • v3.0MEDIUMScore: 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Systems

  • ubuntulinux

    all | < 4.15.0-58.64

  • ubuntulinux-aws

    all | < 4.15.0-1047.49

  • ubuntulinux-aws-fips

    < 4.15.0-2018.18 | all

  • ubuntulinux-aws-hwe

    < 4.15.0-1047.49~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1059.64~14.04.1 | < 4.15.0-1055.60 | < 4.18.0-1011.11~18.04.1

  • ubuntulinux-azure-fde

    all

  • ubuntulinux-azure-fips

    < 4.15.0-2006.7 | all

  • ubuntulinux-fips

    all

  • ubuntulinux-gcp

    < 4.15.0-1040.42~16.04.1 | < 4.15.0-1040.42

  • ubuntulinux-gcp-fips

    all

  • ubuntulinux-gke-4.15

    < 4.15.0-1040.42

  • ubuntulinux-hwe

    < 4.15.0-58.64~16.04.1

  • ubuntulinux-intel-iot-realtime

    all

  • ubuntulinux-kvm

    all | < 4.15.0-1042.42

  • ubuntulinux-lts-xenial

    all

  • ubuntulinux-nvidia

    all

  • ubuntulinux-oem

    < 4.15.0-1050.57

  • ubuntulinux-oracle

    < 4.15.0-1021.23~16.04.1 | < 4.15.0-1021.23

  • ubuntulinux-raspi-realtime

    all

  • ubuntulinux-raspi2

    < 4.15.0-1043.46

  • ubuntulinux-realtime

    all

  • ubuntulinux-riscv

    all

  • ubuntulinux-snapdragon

    < 4.15.0-1060.66

References (7)