CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
10.1%
Heap-based buffer overflow in the parse_tag_3_packet function in
fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before
2.6.30.4 allows local users to cause a denial of service (system crash) or
possibly gain privileges via vectors involving a crafted eCryptfs file,
related to a large encrypted key size in a Tag 3 packet.