Wind River Support Network

HomeDefectsLIN9-6660

Fixed

LIN9-6660 : Security Advisory - linux - CVE-2018-1094

Created: Apr 2, 2018 Updated: Dec 3, 2018

Resolved Date: May 6, 2018

Found In Version: 9.0.0.15

Fix Version: 9.0.0.16

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Kernel

Description

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.

https://nvd.nist.gov/vuln/detail/CVE-2018-1094

Other Downloads

Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-1094