Published: 03/07/2012 Updated: 07/11/2023

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 633

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel prior to 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote malicious users to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
linux linux kernel 3.2

Synopsis Moderate: kernel security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix multiple security issues, numerous bugsand add one enhancement are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated thi ...

Synopsis Low: kernel security and bug fix update Type/Severity Security Advisory: Low Topic Updated kernel packages that fix one security issue and several bugs arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impact A Common Vul ...

A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client (CVE-2012-2375, Moderate) A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel If the TCP Illinois congestion control algorithm were in ...

Several security issues were fixed in the kernel ...

The system could be made to deny services if it received specially crafted local area network traffic ...

Several security issues were fixed in the kernel ...

CWE-189 http://www.openwall.com/lists/oss-security/2012/04/12/11 https://bugzilla.redhat.com/show_bug.cgi?id=809687 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://github.com/torvalds/linux/commit/d50f2ab6f050311dbf7b8f5501b25f0bf64a439b http://www.securityfocus.com/bid/53414 http://rhn.redhat.com/errata/RHSA-2012-1445.html http://rhn.redhat.com/errata/RHSA-2012-1580.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d50f2ab6f050311dbf7b8f5501b25f0bf64a439b https://access.redhat.com/errata/RHSA-2012:1580 https://nvd.nist.gov https://usn.ubuntu.com/1405-1/https://alas.aws.amazon.com/ALAS-2013-148.html

CVE-2012-2100

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect