USN-3678-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2018-10021 CVE-2018-1092 CVE-2018-8087 UBUNTU-CVE-2018-10021 UBUNTU-CVE-2018-1092 UBUNTU-CVE-2018-8087

Published: 12 Jun 2018, 00:36

Last modified:22 Apr 2026, 09:46

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

12 Jun 2018, 00:36

Published

Vulnerability first disclosed

22 Apr 2026, 09:46

Last Modified

Vulnerability information updated

Description

linux, linux-aws, linux-gcp, linux-kvm vulnerabilities Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1092) It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2018-8087) It was discovered that a memory leak existed in the Serial Attached SCSI (SAS) implementation in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-10021)

Affected Systems

ubuntu•linux
< 4.15.0-23.25
ubuntu•linux-aws
< 4.15.0-1010.10
ubuntu•linux-gcp
< 4.15.0-1009.9
ubuntu•linux-kvm
< 4.15.0-1011.11

USN-3678-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)