UBUNTU-CVE-2018-14610

Advisory lineage Upstream: 1 Downstream: 4
Upstream
CVE-2018-14610
Published: 27 Jul 2018, 00:00
Last modified:03 Jun 2026, 13:31

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

27 Jul 2018, 00:00
Published
Vulnerability first disclosed
03 Jun 2026, 13:31
Last Modified
Vulnerability information updated

Description

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.

CVSS Metrics

  • v3.0MEDIUMScore: 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Systems

  • ubuntulinux

    all | < 4.4.0-145.171 | < 4.15.0-58.64

  • ubuntulinux-aws

    < 4.4.0-1040.43 | < 4.4.0-1079.89 | < 4.15.0-1047.49

  • ubuntulinux-aws-fips

    < 4.15.0-2018.18 | all

  • ubuntulinux-aws-hwe

    < 4.15.0-1047.49~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1059.64~14.04.1 | < 4.15.0-1055.60 | < 5.0.0-1014.14~18.04.1

  • ubuntulinux-azure-fde

    all

  • ubuntulinux-azure-fde-5.15

    all

  • ubuntulinux-azure-fips

    < 4.15.0-2006.7 | all

  • ubuntulinux-bluefield

    all

  • ubuntulinux-fips

    < 4.4.0-1008.10

  • ubuntulinux-gcp

    < 4.15.0-1040.42~16.04.1 | < 4.15.0-1040.42

  • ubuntulinux-gcp-fips

    all

  • ubuntulinux-gke

    all

  • ubuntulinux-gke-4.15

    < 4.15.0-1040.42

  • ubuntulinux-hwe

    < 4.15.0-58.64~16.04.1 | < 5.0.0-23.24~18.04.1

  • ubuntulinux-intel-iot-realtime

    all

  • ubuntulinux-kvm

    < 4.4.0-1043.49 | < 4.15.0-1042.42

  • ubuntulinux-lts-xenial

    < 4.4.0-144.170~14.04.1

  • ubuntulinux-nvidia

    all

  • ubuntulinux-oem

    < 4.15.0-1050.57

  • ubuntulinux-oracle

    < 4.15.0-1021.23~16.04.1 | < 4.15.0-1021.23

  • ubuntulinux-raspi-realtime

    all

  • ubuntulinux-raspi2

    < 4.4.0-1106.114 | < 4.15.0-1043.46 | all

  • ubuntulinux-realtime

    all

  • ubuntulinux-riscv

    all | all

  • ubuntulinux-snapdragon

    < 4.4.0-1110.115 | < 4.15.0-1060.66

References (8)