| CVE-2013-6382 | Date: (C)2013-11-28 (M)2024-04-17 |
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 4.0 |
| Exploit Score: 1.9 |
| Impact Score: 6.9 |
| |
| CVSS V2 Metrics: |
| Access Vector: LOCAL |
| Access Complexity: HIGH |
| Authentication: NONE |
| Confidentiality: NONE |
| Integrity: NONE |
| Availability: COMPLETE |
| | |
