An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
4.4.0-208.2404.4.0-1126.1404.15.0-1098.105~16.04.14.15.0-1112.124~16.04.14.15.0-1097.110~16.04.14.15.0-142.146~16.04.14.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more4.4.0-1091.1004.15.0-1069.77~16.04.14.4.0-1150.161Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:NI:NA:HCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H