CVE - CVE-2011-2695

CVE-ID
CVE-2011-2695	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:45193 URL:http://secunia.com/advisories/45193 MISC:[linux-ext4] 20110603 [PATCH 1/2] ext4: Fix max file size and logical block counting of extent format file URL:http://www.spinics.net/lists/linux-ext4/msg25697.html MISC:[oss-security] 20110715 CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file URL:http://www.openwall.com/lists/oss-security/2011/07/15/7 MISC:[oss-security] 20110715 Re: CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file URL:http://www.openwall.com/lists/oss-security/2011/07/15/8 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6 URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6 MISC:http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5 URL:http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=722557 URL:https://bugzilla.redhat.com/show_bug.cgi?id=722557
Assigning CNA
Red Hat, Inc.
Date Record Created
20110711	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110711)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)