Published: 16/03/2015 Updated: 15/02/2024

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The XFS implementation in the Linux kernel prior to 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several security issues were fixed in the kernel ...

A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system ...

CWE-19 https://github.com/torvalds/linux/commit/8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59 https://bugzilla.redhat.com/show_bug.cgi?id=1195248 http://www.securitytracker.com/id/1031853 http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-0694.html http://www.ubuntu.com/usn/USN-2543-1 http://www.ubuntu.com/usn/USN-2544-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59 https://usn.ubuntu.com/2544-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-0274

CVE-2015-0274

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect