1.9

CVE-2011-4098

The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Updaterc7 Version <= 3.2
LinuxLinux Kernel Version3.2 Updaterc2
LinuxLinux Kernel Version3.2 Updaterc3
LinuxLinux Kernel Version3.2 Updaterc4
LinuxLinux Kernel Version3.2 Updaterc5
LinuxLinux Kernel Version3.2 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.48% 0.381
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.2.bz2
Patch
https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=fadca7bdc43b02f518585d9547019966415cadfd
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=64dd153c83743af81f20924c6343652d731eeecb
https://github.com/torvalds/linux/commit/64dd153c83743af81f20924c6343652d731eeecb
https://www.redhat.com/archives/cluster-devel/2011-September/msg00064.html