CVE-2011-4077

Опубликовано: 08 апр. 2011

Источник: redhat

CVSS2: 6.2

Описание

Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.

Отчет

This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for XFS filesystem. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 4	kernel	Not affected
Red Hat Enterprise Linux Extended Update Support 6.2	kernel	Affected
Red Hat Enterprise Linux 5	kernel	Fixed	RHSA-2012:0007	10.01.2012
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2012:0350	06.03.2012
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2012:0333	23.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=749156kernel: xfs: potential buffer overflow in xfs_readlink()

6.2 Medium

CVSS2

Связанные уязвимости

CVE-2011-4077

ubuntu

больше 13 лет назад

CVE-2011-4077

nvd

больше 13 лет назад

CVE-2011-4077

debian

больше 13 лет назад

Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c ...

GHSA-wr72-x72c-p32w

github

около 3 лет назад

ELSA-2012-2003

oracle-oval

больше 13 лет назад

ELSA-2012-2003: Unbreakable Enterprise kernel security and bug fix update (IMPORTANT)

6.2 Medium

CVSS2