Medium severity5.5NVD Advisory· Published Sep 21, 2018· Updated Jun 17, 2026
CVE-2018-16597
CVE-2018-16597
Description
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25- osv-coords24 versionspkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3
< 4.4.162-4.19.2+ 23 more
- (no CPE)range: < 4.4.162-4.19.2
- (no CPE)range: < 4.4.162-4.19.2
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.162-3.26.1
- (no CPE)range: < 4.4.162-3.26.1
- (no CPE)range: < 4.4.162-4.19.1
- (no CPE)range: < 4.4.162-4.19.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.162-3.26.1
- (no CPE)range: < 4.4.162-4.19.1
- (no CPE)range: < 4.4.162-4.19.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.156-94.57.1
- (no CPE)range: < 4.4.162-3.26.1
- (no CPE)range: < 1-4.3.5
Patches
Vulnerability mechanics
References
8- bugzilla.suse.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/nvdPatchThird Party Advisory
- security.netapp.com/advisory/ntap-20190204-0001/nvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.htmlnvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/105394nvdThird Party AdvisoryVDB Entry
- support.f5.com/csp/article/K22691834nvdThird Party Advisory
- packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlnvd
- seclists.org/bugtraq/2019/Jul/33nvd
News mentions
0No linked articles in our index yet.