ID CVE-2012-2100
Summary The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*
    cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*
  • cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*
    cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*
CVSS
Base: 7.1 (as of 08-02-2013 - 04:49)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
redhat via4
advisories
  • bugzilla
    id 859946
    title kernel: xen: change the default behaviour of CVE-2012-2934 fix [rhel-5.8.z]
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445002
        • comment kernel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314003
      • AND
        • comment kernel-PAE is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445022
        • comment kernel-PAE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314021
      • AND
        • comment kernel-PAE-devel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445020
        • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314023
      • AND
        • comment kernel-debug is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445010
        • comment kernel-debug is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314015
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445014
        • comment kernel-debug-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314009
      • AND
        • comment kernel-devel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445006
        • comment kernel-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314007
      • AND
        • comment kernel-doc is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445024
        • comment kernel-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314025
      • AND
        • comment kernel-headers is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445004
        • comment kernel-headers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314005
      • AND
        • comment kernel-kdump is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445018
        • comment kernel-kdump is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314017
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445016
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314019
      • AND
        • comment kernel-xen is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445008
        • comment kernel-xen is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314011
      • AND
        • comment kernel-xen-devel is earlier than 0:2.6.18-308.20.1.el5
          oval oval:com.redhat.rhsa:tst:20121445012
        • comment kernel-xen-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20080314013
    rhsa
    id RHSA-2012:1445
    released 2012-11-13
    severity Low
    title RHSA-2012:1445: kernel security and bug fix update (Low)
  • rhsa
    id RHSA-2012:1580
rpms
  • kernel-0:2.6.18-308.20.1.el5
  • kernel-PAE-0:2.6.18-308.20.1.el5
  • kernel-PAE-devel-0:2.6.18-308.20.1.el5
  • kernel-debug-0:2.6.18-308.20.1.el5
  • kernel-debug-devel-0:2.6.18-308.20.1.el5
  • kernel-devel-0:2.6.18-308.20.1.el5
  • kernel-doc-0:2.6.18-308.20.1.el5
  • kernel-headers-0:2.6.18-308.20.1.el5
  • kernel-kdump-0:2.6.18-308.20.1.el5
  • kernel-kdump-devel-0:2.6.18-308.20.1.el5
  • kernel-xen-0:2.6.18-308.20.1.el5
  • kernel-xen-devel-0:2.6.18-308.20.1.el5
  • kernel-0:2.6.32-279.19.1.el6
  • kernel-bootwrapper-0:2.6.32-279.19.1.el6
  • kernel-debug-0:2.6.32-279.19.1.el6
  • kernel-debug-devel-0:2.6.32-279.19.1.el6
  • kernel-devel-0:2.6.32-279.19.1.el6
  • kernel-doc-0:2.6.32-279.19.1.el6
  • kernel-firmware-0:2.6.32-279.19.1.el6
  • kernel-headers-0:2.6.32-279.19.1.el6
  • kernel-kdump-0:2.6.32-279.19.1.el6
  • kernel-kdump-devel-0:2.6.32-279.19.1.el6
  • perf-0:2.6.32-279.19.1.el6
  • python-perf-0:2.6.32-279.19.1.el6
refmap via4
bid 53414
confirm
mlist [oss-security] 20120412 Re: fix to CVE-2009-4307
Last major update 08-02-2013 - 04:49
Published 03-07-2012 - 16:40
Back to Top