CVE-2018-13094

An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.

From the Ubuntu Security Team

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly handle an error condition with a corrupted xfs image. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash).

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-33.36
	17.10 artful	Ignored
	16.04 LTS xenial	Fixed 4.4.0-134.160
	14.04 LTS trusty	Fixed 3.13.0-157.207
linux-aws	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1020.20
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.4.0-1066.76
	14.04 LTS trusty	Fixed 4.4.0-1028.31
linux-azure	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1022.23
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.15.0-1022.22~16.04.1
	14.04 LTS trusty	Not affected
linux-azure-edge	18.10 cosmic	Not in release
	18.04 LTS bionic	Not affected
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.15.0-1022.23
	14.04 LTS trusty	Not in release
linux-euclid	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-flo	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-gcp	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1018.19
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.15.0-1018.19~16.04.2
	14.04 LTS trusty	Not in release
linux-gke	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-goldfish	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-grouper	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-hwe	18.10 cosmic	Not in release
	18.04 LTS bionic	Not affected
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.15.0-33.36~16.04.1
	14.04 LTS trusty	Not in release
linux-hwe-edge	18.10 cosmic	Not in release
	18.04 LTS bionic	Not affected
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.15.0-33.36~16.04.1
	14.04 LTS trusty	Not in release
linux-kvm	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1020.20
	17.10 artful	Not in release
	16.04 LTS xenial	Fixed 4.4.0-1032.38
	14.04 LTS trusty	Not in release
linux-lts-trusty	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-lts-utopic	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-lts-vivid	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-lts-wily	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-lts-xenial	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Fixed 4.4.0-134.160~14.04.1
linux-maguro	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-mako	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-manta	18.10 cosmic	Not in release
	18.04 LTS bionic	Not in release
	17.10 artful	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-oem	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1017.20
	17.10 artful	Not in release
	16.04 LTS xenial	Ignored
	14.04 LTS trusty	Not in release
linux-raspi2	18.10 cosmic	Not affected
	18.04 LTS bionic	Fixed 4.15.0-1021.23
	17.10 artful	Ignored
	16.04 LTS xenial	Fixed 4.4.0-1095.103
	14.04 LTS trusty	Not in release
linux-snapdragon	18.10 cosmic	Not in release
	18.04 LTS bionic	Not affected
	17.10 artful	Ignored
	16.04 LTS xenial	Fixed 4.4.0-1099.104
	14.04 LTS trusty	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Introduced by 1da177e, fixed by bb3d48d

Severity score breakdown

Parameter	Value
Base score	5.5 · Medium
Attack vector	Local
Attack complexity	Low
Privileges required	None
User interaction	Required
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

USN-3753-1
Linux kernel vulnerabilities
24 August 2018

USN-3752-2
Linux kernel (HWE) vulnerabilities
24 August 2018

USN-3752-1
Linux kernel vulnerabilities
24 August 2018

USN-3753-2
Linux kernel (Xenial HWE) vulnerabilities
24 August 2018

USN-3752-3
Linux kernel (Azure, GCP, OEM) vulnerabilities
28 August 2018

USN-3754-1
Linux kernel vulnerabilities
24 August 2018