QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2015

Published: Apr 29, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=957123

x_refsource_CONFIRM

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

[oss-security] 20130426 Re: CVE request: Linux kernel: ext4: hang during mount(8)

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.