Lucene search

[email protected]CVE-2011-2695

HistoryJul 28, 2011 - 10:55 p.m.

CVE-2011-2695

2011-07-2822:55:00

CWE-193

[email protected]

web.nvd.nist.gov

cve-2011-2695

linux kernel

ext4

denial of service

nvd

6.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq3.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	3.0

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6

secunia.com/advisories/45193

www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5

www.openwall.com/lists/oss-security/2011/07/15/7

www.openwall.com/lists/oss-security/2011/07/15/8

www.spinics.net/lists/linux-ext4/msg25697.html

bugzilla.redhat.com/show_bug.cgi?id=722557

6.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2011-2695

prion1 ubuntucve1 nessus23 ubuntu11 openvas43 oraclelinux4 redhat4 centos1 fedora5