ID CVE-2012-2100
Summary The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:x86:*
    cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:x86:*
  • cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*
    cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*
  • cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*
    cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*
CVSS
Base: 7.1 (as of 13-02-2023 - 04:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
redhat via4
advisories
  • bugzilla
    id 859946
    title kernel: xen: change the default behaviour of CVE-2012-2934 fix [rhel-5.8.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • comment kernel earlier than 0:2.6.18-308.20.1.el5 is currently running
          oval oval:com.redhat.rhsa:tst:20121445025
        • comment kernel earlier than 0:2.6.18-308.20.1.el5 is set to boot up on next boot
          oval oval:com.redhat.rhsa:tst:20121445026
      • OR
        • AND
          • comment kernel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445001
          • comment kernel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314002
        • AND
          • comment kernel-PAE is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445003
          • comment kernel-PAE is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314004
        • AND
          • comment kernel-PAE-devel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445005
          • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314006
        • AND
          • comment kernel-debug is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445007
          • comment kernel-debug is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314008
        • AND
          • comment kernel-debug-devel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445009
          • comment kernel-debug-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314010
        • AND
          • comment kernel-devel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445011
          • comment kernel-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314012
        • AND
          • comment kernel-doc is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445013
          • comment kernel-doc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314014
        • AND
          • comment kernel-headers is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445015
          • comment kernel-headers is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314016
        • AND
          • comment kernel-kdump is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445017
          • comment kernel-kdump is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314018
        • AND
          • comment kernel-kdump-devel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445019
          • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314020
        • AND
          • comment kernel-xen is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445021
          • comment kernel-xen is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314022
        • AND
          • comment kernel-xen-devel is earlier than 0:2.6.18-308.20.1.el5
            oval oval:com.redhat.rhsa:tst:20121445023
          • comment kernel-xen-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20080314024
    rhsa
    id RHSA-2012:1445
    released 2012-11-13
    severity Low
    title RHSA-2012:1445: kernel security and bug fix update (Low)
  • rhsa
    id RHSA-2012:1580
rpms
  • kernel-0:2.6.18-308.20.1.el5
  • kernel-PAE-0:2.6.18-308.20.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-308.20.1.el5
  • kernel-PAE-devel-0:2.6.18-308.20.1.el5
  • kernel-debug-0:2.6.18-308.20.1.el5
  • kernel-debug-debuginfo-0:2.6.18-308.20.1.el5
  • kernel-debug-devel-0:2.6.18-308.20.1.el5
  • kernel-debuginfo-0:2.6.18-308.20.1.el5
  • kernel-debuginfo-common-0:2.6.18-308.20.1.el5
  • kernel-devel-0:2.6.18-308.20.1.el5
  • kernel-doc-0:2.6.18-308.20.1.el5
  • kernel-headers-0:2.6.18-308.20.1.el5
  • kernel-kdump-0:2.6.18-308.20.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-308.20.1.el5
  • kernel-kdump-devel-0:2.6.18-308.20.1.el5
  • kernel-xen-0:2.6.18-308.20.1.el5
  • kernel-xen-debuginfo-0:2.6.18-308.20.1.el5
  • kernel-xen-devel-0:2.6.18-308.20.1.el5
  • kernel-0:2.6.32-279.19.1.el6
  • kernel-bootwrapper-0:2.6.32-279.19.1.el6
  • kernel-debug-0:2.6.32-279.19.1.el6
  • kernel-debug-debuginfo-0:2.6.32-279.19.1.el6
  • kernel-debug-devel-0:2.6.32-279.19.1.el6
  • kernel-debuginfo-0:2.6.32-279.19.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-279.19.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-279.19.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-279.19.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-279.19.1.el6
  • kernel-devel-0:2.6.32-279.19.1.el6
  • kernel-doc-0:2.6.32-279.19.1.el6
  • kernel-firmware-0:2.6.32-279.19.1.el6
  • kernel-headers-0:2.6.32-279.19.1.el6
  • kernel-kdump-0:2.6.32-279.19.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-279.19.1.el6
  • kernel-kdump-devel-0:2.6.32-279.19.1.el6
  • perf-0:2.6.32-279.19.1.el6
  • perf-debuginfo-0:2.6.32-279.19.1.el6
  • python-perf-0:2.6.32-279.19.1.el6
  • python-perf-debuginfo-0:2.6.32-279.19.1.el6
refmap via4
bid 53414
confirm
mlist [oss-security] 20120412 Re: fix to CVE-2009-4307
Last major update 13-02-2023 - 04:33
Published 03-07-2012 - 16:40
Last modified 13-02-2023 - 04:33
Back to Top