cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~ cpe:/o:debian:debian_linux:8.0 cpe:/o:linux:linux_kernel:4.16 cpe:/o:linux:linux_kernel:4.17 cpe:/o:redhat:enterprise_linux:7.0 CVE-2018-10877 2018-07-18T11:29:00.267-04:00 2019-04-01T15:29:00.737-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 104878 BID 106503 REDHAT RHSA-2018:2948 UBUNTU USN-3753-1 UBUNTU USN-3753-2 UBUNTU USN-3754-1 UBUNTU USN-3871-1 UBUNTU USN-3871-3 UBUNTU USN-3871-4 UBUNTU USN-3871-5 MLIST [debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10877 Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.