CVE-2011-2493

2012-06-1310:24:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

linux kernel

security

ext4

denial of service

cve-2011-2493

nvd

7.4 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.38
linux:linux_kernellinux linux kerneleq2.6.38.3
linux:linux_kernellinux linux kernelle2.6.38.8
linux:linux_kernellinux linux kerneleq2.6.38.6
linux:linux_kernellinux linux kerneleq2.6.38.1
linux:linux_kernellinux linux kerneleq2.6.38.5
linux:linux_kernellinux linux kerneleq2.6.38.2
linux:linux_kernellinux linux kerneleq2.6.38.4
linux:linux_kernellinux linux kerneleq2.6.38.7

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.38
linux:linux_kernel	linux linux kernel	eq	2.6.38.3
linux:linux_kernel	linux linux kernel	le	2.6.38.8
linux:linux_kernel	linux linux kernel	eq	2.6.38.6
linux:linux_kernel	linux linux kernel	eq	2.6.38.1
linux:linux_kernel	linux linux kernel	eq	2.6.38.5
linux:linux_kernel	linux linux kernel	eq	2.6.38.2
linux:linux_kernel	linux linux kernel	eq	2.6.38.4
linux:linux_kernel	linux linux kernel	eq	2.6.38.7