The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.
3.13.0-157.2074.4.0-1023.234.4.0-128.154~14.04.14.4.0-128.1544.4.0-1061.704.15.0-1022.22~16.04.14.15.0-1018.19~16.04.24.15.0-33.36~16.04.14.4.0-1027.324.4.0-1091.99Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:NI:NA:HCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H