Medium severity5.5NVD Advisory· Published Apr 2, 2018· Updated Jun 17, 2026
CVE-2018-1095
CVE-2018-1095
Description
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=4.15.15
Patches
Vulnerability mechanics
References
7- git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/nvdPatch
- bugzilla.kernel.org/show_bug.cginvdExploitIssue Tracking
- openwall.com/lists/oss-security/2018/03/29/1nvdMailing List
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- access.redhat.com/errata/RHSA-2018:2948nvd
- usn.ubuntu.com/3695-1/nvd
- usn.ubuntu.com/3695-2/nvd
News mentions
0No linked articles in our index yet.