A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system.
https://bugzilla.redhat.com/show_bug.cgi?id=1267261
http://www.openwall.com/lists/oss-security/2015/11/23/2
https://github.com/torvalds/linux/commit/744692dc059845b2a3022119871846e74d4f6e11
http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.34
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://rhn.redhat.com/errata/RHSA-2016-0855.html
Source: MITRE
Published: 2016-05-02
Updated: 2023-02-02
Type: NVD-CWE-Other
Base Score: 4.9
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 3.9
Severity: MEDIUM
Base Score: 4.6
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 0.9
Severity: MEDIUM