cpe:/o:linux:linux_kernel:4.9.8 CVE-2016-10208 2017-02-06T01:59:00.357-05:00 2018-08-24T06:29:00.333-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2017-02-07T10:55:23.857-05:00 FULLDISC 20161115 OS-S 2016-22 - Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read BID 94354 REDHAT RHSA-2017:1297 REDHAT RHSA-2017:1298 REDHAT RHSA-2017:1308 UBUNTU USN-3754-1 MLIST [debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update MLIST [oss-security] 20170204 Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a4b77cd47bb837b8557595ec7425f281f2ca1fe CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1395190 CONFIRM https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.