** Description changed: - Linux kernel built with support for XFS file system is vulnerable to a - NULL pointer dereference flaw. This occurs while accessing blocks beyond - the end of the file system, possibly on a corrupted device. A user able - to mount the file system could use this flaw to crash the kernel, - resulting in DoS. + The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel + before 3.7.6 does not validate block numbers, which allows local users + to cause a denial of service (NULL pointer dereference and system crash) + or possibly have unspecified other impact by leveraging the ability to + mount an XFS filesystem containing a metadata inode with an invalid + extent map. Break-Fix: - eb178619f930fa2ba2348de332a1ff1c66a31424
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1151527 Title: CVE-2013-1819 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1151527/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
