Lucene search

[email protected]CVE-2013-4247

HistoryAug 25, 2013 - 3:27 a.m.

CVE-2013-4247

2013-08-2503:27:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-4247

linux kernel

memory corruption

system crash

denial of service

dfs share

remote attackers

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.015 Low

EPSS

Percentile

86.9%

JSON

Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.9.6

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.9.6

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fc29bacedeabb278080e31bb9c1ecb49f143c3b

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6

www.openwall.com/lists/oss-security/2013/08/14/10

bugzilla.redhat.com/show_bug.cgi?id=998401

github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for CVE-2013-4247

prion1 ubuntucve1 debiancve1 openvas5 ubuntu2 nessus3 oraclelinux1