CVE-2011-3638

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations.

References

http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3

http://www.openwall.com/lists/oss-security/2011/10/24/2

https://bugzilla.redhat.com/show_bug.cgi?id=747942

https://github.com/torvalds/linux/commit/667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3

Details

Source: MITRE

Published: 2013-03-01

Updated: 2020-07-31

Risk Information

CVSS v2

Base Score: 4

Vector: AV:L/AC:H/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 1.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Tenable Plugins

View all (17 total)

IDNameProductFamilySeverity
127360NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)NessusNewStart CGSL Local Security Checks
critical
79507OracleVM 2.2 : kernel (OVMSA-2013-0039)NessusOracleVM Local Security Checks
high
79283RHEL 5 : rhev-hypervisor5 (RHSA-2012:0168)NessusRed Hat Local Security Checks
high
74801openSUSE Security Update : kernel (openSUSE-SU-2012:1439-1)NessusSuSE Local Security Checks
critical
74658openSUSE Security Update : Kernel (openSUSE-SU-2012:0799-1)NessusSuSE Local Security Checks
critical
68454Oracle Linux 5 : kernel (ELSA-2012-0107)NessusOracle Linux Local Security Checks
high
68425Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2037)NessusOracle Linux Local Security Checks
high
64032RHEL 5 : kernel (RHSA-2012:0517)NessusRed Hat Local Security Checks
medium
64027RHEL 6 : kernel (RHSA-2012:0116)NessusRed Hat Local Security Checks
medium
61241Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20120209)NessusScientific Linux Local Security Checks
high
61185Scientific Linux Security Update : Scientific Linux 6 kernel on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
57922CentOS 5 : kernel (CESA-2012:0107)NessusCentOS Local Security Checks
high
57885RHEL 5 : kernel (RHSA-2012:0107)NessusRed Hat Local Security Checks
high
57058Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1294-1)NessusUbuntu Local Security Checks
high
57012RHEL 6 : kernel (RHSA-2011:1530)NessusRed Hat Local Security Checks
medium
56673Fedora 14 : kernel-2.6.35.14-100.fc14 (2011-14747)NessusFedora Local Security Checks
medium
801512CentOS RHSA-2012-0107 Security CheckLog Correlation EngineGeneric
high