UBUNTU-CVE-2024-41018

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY).

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux

  < 6.8.0-48.48

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  < 6.8.0-1018.20

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  all

• ubuntu•linux-aws-6.8

  < 6.8.0-1018.19~22.04.1

• ubuntu•linux-azure

  all | < 6.8.0-1017.20

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.2

  all

• ubuntu•linux-azure-6.8

  < 6.8.0-1017.20~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fde-6.2

  all

• ubuntu•linux-gcp

  all | < 6.8.0-1017.19

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.2

  all

• ubuntu•linux-gcp-6.8

  < 6.8.0-1017.19~22.04.1

• ubuntu•linux-gke

  all | < 6.8.0-1013.17

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop

  < 6.8.0-1002.4

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  all

• ubuntu•linux-hwe-5.11

  all

• ubuntu•linux-hwe-5.13

  all

• ubuntu•linux-hwe-5.19

  all

• ubuntu•linux-hwe-5.8

  all

• ubuntu•linux-hwe-6.2

  all

• ubuntu•linux-hwe-6.5

  all

• ubuntu•linux-hwe-6.8

  < 6.8.0-48.48~22.04.1

• ubuntu•linux-hwe-edge

  all

• ubuntu•linux-ibm

  < 6.8.0-1015.15

• ubuntu•linux-intel-5.13

  all

• ubuntu•linux-intel-iot-realtime

  all

• ubuntu•linux-lowlatency

  < 6.8.0-48.48.3

Showing first 50 affected entries in server-rendered view.

References (17)

• https://ubuntu.com/security/CVE-2024-41018
• https://www.cve.org/CVERecord?id=CVE-2024-41018
• https://git.kernel.org/linus/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845
• https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f
• https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd
• https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc
• https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845
• https://ubuntu.com/security/notices/USN-7089-1
• https://ubuntu.com/security/notices/USN-7090-1
• https://ubuntu.com/security/notices/USN-7089-2
• https://ubuntu.com/security/notices/USN-7089-3
• https://ubuntu.com/security/notices/USN-7095-1
• https://ubuntu.com/security/notices/USN-7089-4
• https://ubuntu.com/security/notices/USN-7089-5
• https://ubuntu.com/security/notices/USN-7089-6
• https://ubuntu.com/security/notices/USN-7089-7
• https://ubuntu.com/security/notices/USN-7156-1