Medium severity5.5NVD Advisory· Published May 3, 2018· Updated Jun 17, 2026
CVE-2018-10689
CVE-2018-10689
Description
blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords4 versionspkg:rpm/opensuse/blktrace&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/blktrace&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/blktrace&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/blktrace&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 1.1.0+git.20170126-lp150.2.3.1+ 3 more
- (no CPE)range: < 1.1.0+git.20170126-lp150.2.3.1
- (no CPE)range: < 1.1.0+git.20170126-3.3.28
- (no CPE)range: < 1.0.5-8.5.74
- (no CPE)range: < 1.0.5-8.5.74
Patches
Vulnerability mechanics
References
5- git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/nvdPatch
- www.securityfocus.com/bid/104142nvdThird Party AdvisoryVDB Entry
- www.spinics.net/lists/linux-btrace/msg00847.htmlnvdMailing ListThird Party Advisory
- access.redhat.com/errata/RHSA-2019:2162nvd
- security.gentoo.org/glsa/202107-15nvd
News mentions
0No linked articles in our index yet.