CVE-2013-6382

MEDIUM Year: 2013
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.

Related Vulnerabilities

CVE-2015-0565

CRITICAL
CVSS:10.0(Critical)

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

CWE-1192015

CVE-2015-8459

CRITICAL
CVSS:10.0(Critical)

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe A...

CWE-1192015

CVE-2015-8659

CRITICAL
CVSS:10.0(Critical)

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

CWE-1192015

CVE-2016-1931

CRITICAL
CVSS:10.0(Critical)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exec...

CWE-1192016

CVE-2016-8352

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20...

CWE-1192016

CVE-2017-10920

CRITICAL
CVSS:10.0(Critical)

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denia...

CWE-1192017