Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
Linux Kernel: Denial of Service with Corrupted F2FS Filesystem
UBUNTU-CVE-2018-13098
Summary
A corrupted F2FS (Flash File System) image can cause a Linux system to crash or become unresponsive. This is a concern for organizations using F2FS, as it can impact system availability and stability. To mitigate this issue, it is recommended to use secure methods for creating and modifying F2FS filesystems.
What to do
- Update canonical linux-azure to version 4.15.0-1059.64~14.04.1.
- Update canonical linux-aws-hwe to version 4.15.0-1047.49~16.04.1.
- Update canonical linux-azure to version 4.15.0-1055.60.
- Update canonical linux-gcp to version 4.15.0-1040.42~16.04.1.
- Update canonical linux-hwe to version 4.15.0-58.64~16.04.1.
- Update canonical linux-oracle to version 4.15.0-1021.23~16.04.1.
- Update canonical linux to version 4.15.0-58.64.
- Update canonical linux-aws to version 4.15.0-1047.49.
- Update canonical linux-azure to version 4.18.0-1011.11~18.04.1.
- Update canonical linux-gcp to version 4.15.0-1040.42.
- Update canonical linux-gke-4.15 to version 4.15.0-1040.42.
- Update canonical linux-kvm to version 4.15.0-1042.42.
- Update canonical linux-oem to version 4.15.0-1050.57.
- Update canonical linux-oracle to version 4.15.0-1021.23.
- Update canonical linux-raspi2 to version 4.15.0-1043.46.
- Update canonical linux-snapdragon to version 4.15.0-1060.66.
- Update canonical linux-aws-fips to version 4.15.0-2018.18.
- Update canonical linux-azure-fips to version 4.15.0-2006.7.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Ubuntu:Pro:14.04:LTS | canonical | linux-azure |
< 4.15.0-1059.64~14.04.1 Fix: upgrade to 4.15.0-1059.64~14.04.1
|
| Ubuntu:Pro:14.04:LTS | canonical | linux | All versions |
| Ubuntu:Pro:14.04:LTS | canonical | linux-aws | All versions |
| Ubuntu:Pro:14.04:LTS | canonical | linux-lts-xenial | All versions |
| Ubuntu:16.04:LTS | canonical | linux-aws-hwe |
< 4.15.0-1047.49~16.04.1 Fix: upgrade to 4.15.0-1047.49~16.04.1
|
| Ubuntu:16.04:LTS | canonical | linux-azure |
< 4.15.0-1055.60 Fix: upgrade to 4.15.0-1055.60
|
| Ubuntu:16.04:LTS | canonical | linux-gcp |
< 4.15.0-1040.42~16.04.1 Fix: upgrade to 4.15.0-1040.42~16.04.1
|
| Ubuntu:16.04:LTS | canonical | linux-hwe |
< 4.15.0-58.64~16.04.1 Fix: upgrade to 4.15.0-58.64~16.04.1
|
| Ubuntu:16.04:LTS | canonical | linux-oracle |
< 4.15.0-1021.23~16.04.1 Fix: upgrade to 4.15.0-1021.23~16.04.1
|
| Ubuntu:Pro:16.04:LTS | canonical | linux | All versions |
| Ubuntu:Pro:16.04:LTS | canonical | linux-aws | All versions |
| Ubuntu:Pro:16.04:LTS | canonical | linux-kvm | All versions |
| Ubuntu:Pro:FIPS:16.04:LTS | canonical | linux-fips | All versions |
| Ubuntu:18.04:LTS | canonical | linux |
< 4.15.0-58.64 Fix: upgrade to 4.15.0-58.64
|
| Ubuntu:18.04:LTS | canonical | linux-aws |
< 4.15.0-1047.49 Fix: upgrade to 4.15.0-1047.49
|
| Ubuntu:18.04:LTS | canonical | linux-azure |
< 4.18.0-1011.11~18.04.1 Fix: upgrade to 4.18.0-1011.11~18.04.1
|
| Ubuntu:18.04:LTS | canonical | linux-gcp |
< 4.15.0-1040.42 Fix: upgrade to 4.15.0-1040.42
|
| Ubuntu:18.04:LTS | canonical | linux-gke-4.15 |
< 4.15.0-1040.42 Fix: upgrade to 4.15.0-1040.42
|
| Ubuntu:18.04:LTS | canonical | linux-kvm |
< 4.15.0-1042.42 Fix: upgrade to 4.15.0-1042.42
|
| Ubuntu:18.04:LTS | canonical | linux-oem |
< 4.15.0-1050.57 Fix: upgrade to 4.15.0-1050.57
|
| Ubuntu:18.04:LTS | canonical | linux-oracle |
< 4.15.0-1021.23 Fix: upgrade to 4.15.0-1021.23
|
| Ubuntu:18.04:LTS | canonical | linux-raspi2 |
< 4.15.0-1043.46 Fix: upgrade to 4.15.0-1043.46
|
| Ubuntu:18.04:LTS | canonical | linux-snapdragon |
< 4.15.0-1060.66 Fix: upgrade to 4.15.0-1060.66
|
| Ubuntu:Pro:FIPS-updates:18.04:LTS | canonical | linux-aws-fips |
< 4.15.0-2018.18 Fix: upgrade to 4.15.0-2018.18
|
| Ubuntu:Pro:FIPS-updates:18.04:LTS | canonical | linux-azure-fips |
< 4.15.0-2006.7 Fix: upgrade to 4.15.0-2006.7
|
| Ubuntu:Pro:FIPS:18.04:LTS | canonical | linux-aws-fips | All versions |
| Ubuntu:Pro:FIPS:18.04:LTS | canonical | linux-azure-fips | All versions |
| Ubuntu:Pro:FIPS:18.04:LTS | canonical | linux-gcp-fips | All versions |
| Ubuntu:20.04:LTS | canonical | linux-azure-fde | All versions |
| Ubuntu:22.04:LTS | canonical | linux-intel-iot-realtime | All versions |
| Ubuntu:22.04:LTS | canonical | linux-realtime | All versions |
| Ubuntu:22.04:LTS | canonical | linux-riscv | All versions |
| Ubuntu:24.04:LTS | canonical | linux-raspi-realtime | All versions |
| Ubuntu:26.04 | canonical | linux-nvidia | All versions |
Original title
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA...
Original description
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.
osv CVSS3.1
5.5
- https://ubuntu.com/security/CVE-2018-13098 Third Party Advisory
- https://bugzilla.kernel.org/show_bug.cgi?id=200173 Third Party Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-de... Third Party Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git/commit/?h=dev&i... Third Party Advisory
- https://ubuntu.com/security/notices/USN-4094-1 Vendor Advisory
- https://ubuntu.com/security/notices/USN-4118-1 Vendor Advisory
- https://www.cve.org/CVERecord?id=CVE-2018-13098 Third Party Advisory
Published: 3 Jul 2018 · Updated: 14 May 2026 · First seen: 14 May 2026