CVE-2017-18257

Published April 4th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.9

MEDIUM

Affected

PROJECT

Description

The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.

torvalds/linux

Linux kernel source tree

GitHub

237K