4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
19.2%
Theodore Ts’o reports:
If s_first_meta_bg is greater than the of number block group descriptor blocks, then reading or writing the block group descriptors will end up overruning the memory buffer allocated for the descriptors.
The finding is credited to a vulnerability report from Jose Duart of Google Security Team <jduart AT google.com> and was reported through oCERT-2015-002.