github - ghsa-8mfm-2wff-rgp2

ghsa-8mfm-2wff-rgp2

Vulnerability from github

Published

2022-05-14 01:14

Modified

2022-05-14 01:14

Severity

5.5 (Medium) - CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-16862"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-26T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
  "id": "GHSA-8mfm-2wff-rgp2",
  "modified": "2022-05-14T01:14:25Z",
  "published": "2022-05-14T01:14:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16862"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/patchwork/patch/1011367"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/oss-sec/2018/q4/169"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3879-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3879-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4094-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4118-1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

cve-2018-16862

Vulnerability from cvelistv5

Published

2018-11-26 19:00

Modified

2024-08-05 10:32

Severity

5.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

Summary

References

URL	Tags
http://www.securityfocus.com/bid/106009	vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3879-2/	vendor-advisory, x_refsource_UBUNTU
https://seclists.org/oss-sec/2018/q4/169	mailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3879-1/	vendor-advisory, x_refsource_UBUNTU
https://lore.kernel.org/patchwork/patch/1011367/	x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html	mailing-list, x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html	mailing-list, x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html	mailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4094-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4118-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

Vendor	Product
[UNKNOWN]	kernel:

Show details on NVD website