Retire CVE-2018-13098

author: Salvatore Bonaccorso <carnil@debian.org> 2019-01-08 06:54:33 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2019-01-08 06:54:33 +0100
commit: 21e02cdb838612d2762331e35b719f9489d30c41 (patch)
tree: 9646dda6c84ac5d7712f567c6942176355c3a2d1 /retired/CVE-2018-13098
parent: 86cbe38bd5af90e4d4be4de01e91ecadb669c51e (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2018-13098 b/retired/CVE-2018-13098
new file mode 100644
index 00000000..6d787f3d
--- /dev/null
+++ b/retired/CVE-2018-13098
@@ -0,0 +1,15 @@
+Description: Out-of-bound access in f2fs_iget() when mounting a corrupted f2fs image
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=200173
+ https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=190286a242344d42aad83c8e70169d6d72a63d05
+Notes:
+ bwh> Introduced in 4.14-rc1 by commit 7a2af766af15 "f2fs: enhance on-disk
+ bwh> inode structure scalability"
+Bugs:
+upstream: released (4.19-rc1) [76d56d4ab4f2a9e4f085c7d77172194ddaccf7d2]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.18.10-1)
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2019-01-08 06:54:33 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2019-01-08 06:54:33 +0100
commit	21e02cdb838612d2762331e35b719f9489d30c41 (patch)
tree	9646dda6c84ac5d7712f567c6942176355c3a2d1 /retired/CVE-2018-13098
parent	86cbe38bd5af90e4d4be4de01e91ecadb669c51e (diff)