USN-4486-1

Details

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash).

Affected Packages

Ubuntu:16.04:LTSlinux

Fixed in:

4.4.0-189.219

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1113.126

Ubuntu:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1079.86

Ubuntu:16.04:LTSlinux-raspi2

Fixed in:

4.4.0-1138.147

Ubuntu:16.04:LTSlinux-snapdragon

Fixed in:

4.4.0-1142.151

Ubuntu:Pro:14.04:LTSlinux-aws

Fixed in:

4.4.0-1077.81

Ubuntu:Pro:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-189.219~14.04.1

References

REPORThttps://ubuntu.com/security/CVE-2018-10323 ADVISORYhttps://ubuntu.com/security/notices/USN-4486-1

USN-4486-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline