Vulnerabilities > CVE-2018-14722 - Unspecified vulnerability in Btrfsmaintenance Project Btrfsmaintenance

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
btrfsmaintenance-project
critical
NVD
Published: 2018-08-15
Updated: 2019-10-03

Summary

An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-{scrub,balance,trim} are set to auto in /etc/sysconfig/btrfsmaintenance (this is not the default, though).

Vulnerable Configurations

Part Description Count
Application
Btrfsmaintenance_Project
8

References