OSVDB ID: 100241

Title: Linux Kernel xfs_attrlist_by_handle() Function Local Underflow

Info

Disclosure

Nov 05, 2013

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Nov 05, 2013

Description

Linux Kernel contains an underflow condition in the xfs_attrlist_by_handle() function. The issue is triggered as user-supplied input is not properly validated. This may allow a local attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required

Solution

The vendor has released a patch to address this vulnerability. There are no known workarounds or upgrades to correct this issue. Check the vendor advisory, changelog, or solution in the references section for details.

Products

Linux Kernel Organization, Inc.

Kernel

Unspecified

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/100241