Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2012-03-16 10:53 | ALAS-2012-55 |
Amazon Linux 1 | kernel | 2011-11-19 01:22 | ALAS-2011-22 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 6.2 | AV:L/AC:H/Au:N/C:C/I:C/A:C |
NVD | CVSSv2 | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C |