Lucene search
HistoryApr 29, 2013 - 2:55 p.m.
CVE-2013-2015
cve-2013-2015
linux kernel
ext4_orphan_del
denial of service
system hang
nvd
security vulnerability
file system
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
26.7%
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.
Affected configurations
Node
linuxlinux_kernelRange≤3.7.2
ORlinuxlinux_kernelMatch3.0rc1
ORlinuxlinux_kernelMatch3.0rc2
ORlinuxlinux_kernelMatch3.0rc3
ORlinuxlinux_kernelMatch3.0rc4
ORlinuxlinux_kernelMatch3.0rc5
ORlinuxlinux_kernelMatch3.0rc6
ORlinuxlinux_kernelMatch3.0rc7
ORlinuxlinux_kernelMatch3.0.1
ORlinuxlinux_kernelMatch3.0.2
ORlinuxlinux_kernelMatch3.0.3
ORlinuxlinux_kernelMatch3.0.4
ORlinuxlinux_kernelMatch3.0.5
ORlinuxlinux_kernelMatch3.0.6
ORlinuxlinux_kernelMatch3.0.7
ORlinuxlinux_kernelMatch3.0.8
ORlinuxlinux_kernelMatch3.0.9
ORlinuxlinux_kernelMatch3.0.10
ORlinuxlinux_kernelMatch3.0.11
ORlinuxlinux_kernelMatch3.0.12
ORlinuxlinux_kernelMatch3.0.13
ORlinuxlinux_kernelMatch3.0.14
ORlinuxlinux_kernelMatch3.0.15
ORlinuxlinux_kernelMatch3.0.16
ORlinuxlinux_kernelMatch3.0.17
ORlinuxlinux_kernelMatch3.0.18
ORlinuxlinux_kernelMatch3.0.19
ORlinuxlinux_kernelMatch3.0.20
ORlinuxlinux_kernelMatch3.0.21
ORlinuxlinux_kernelMatch3.0.22
ORlinuxlinux_kernelMatch3.0.23
ORlinuxlinux_kernelMatch3.0.24
ORlinuxlinux_kernelMatch3.0.25
ORlinuxlinux_kernelMatch3.0.26
ORlinuxlinux_kernelMatch3.0.27
ORlinuxlinux_kernelMatch3.0.28
ORlinuxlinux_kernelMatch3.0.29
ORlinuxlinux_kernelMatch3.0.30
ORlinuxlinux_kernelMatch3.0.31
ORlinuxlinux_kernelMatch3.0.32
ORlinuxlinux_kernelMatch3.0.33
ORlinuxlinux_kernelMatch3.0.34
ORlinuxlinux_kernelMatch3.0.35
ORlinuxlinux_kernelMatch3.0.36
ORlinuxlinux_kernelMatch3.0.37
ORlinuxlinux_kernelMatch3.0.38
ORlinuxlinux_kernelMatch3.0.39
ORlinuxlinux_kernelMatch3.0.40
ORlinuxlinux_kernelMatch3.0.41
ORlinuxlinux_kernelMatch3.0.42
ORlinuxlinux_kernelMatch3.0.43
ORlinuxlinux_kernelMatch3.0.44
ORlinuxlinux_kernelMatch3.0.45
ORlinuxlinux_kernelMatch3.0.46
ORlinuxlinux_kernelMatch3.0.47
ORlinuxlinux_kernelMatch3.0.48
ORlinuxlinux_kernelMatch3.0.49
ORlinuxlinux_kernelMatch3.0.50
ORlinuxlinux_kernelMatch3.0.51
ORlinuxlinux_kernelMatch3.0.52
ORlinuxlinux_kernelMatch3.0.53
ORlinuxlinux_kernelMatch3.0.54
ORlinuxlinux_kernelMatch3.0.55
ORlinuxlinux_kernelMatch3.0.56
ORlinuxlinux_kernelMatch3.0.57
ORlinuxlinux_kernelMatch3.0.58
ORlinuxlinux_kernelMatch3.0.59
ORlinuxlinux_kernelMatch3.0.60
ORlinuxlinux_kernelMatch3.0.61
ORlinuxlinux_kernelMatch3.0.62
ORlinuxlinux_kernelMatch3.0.63
ORlinuxlinux_kernelMatch3.0.64
ORlinuxlinux_kernelMatch3.0.65
ORlinuxlinux_kernelMatch3.0.66
ORlinuxlinux_kernelMatch3.0.67
ORlinuxlinux_kernelMatch3.0.68
ORlinuxlinux_kernelMatch3.1
ORlinuxlinux_kernelMatch3.1rc1
ORlinuxlinux_kernelMatch3.1rc2
ORlinuxlinux_kernelMatch3.1rc3
ORlinuxlinux_kernelMatch3.1rc4
ORlinuxlinux_kernelMatch3.1.1
ORlinuxlinux_kernelMatch3.1.2
ORlinuxlinux_kernelMatch3.1.3
ORlinuxlinux_kernelMatch3.1.4
ORlinuxlinux_kernelMatch3.1.5
ORlinuxlinux_kernelMatch3.1.6
ORlinuxlinux_kernelMatch3.1.7
ORlinuxlinux_kernelMatch3.1.8
ORlinuxlinux_kernelMatch3.1.9
ORlinuxlinux_kernelMatch3.1.10
ORlinuxlinux_kernelMatch3.2
ORlinuxlinux_kernelMatch3.2rc2
ORlinuxlinux_kernelMatch3.2rc3
ORlinuxlinux_kernelMatch3.2rc4
ORlinuxlinux_kernelMatch3.2rc5
ORlinuxlinux_kernelMatch3.2rc6
ORlinuxlinux_kernelMatch3.2rc7
ORlinuxlinux_kernelMatch3.2.1
ORlinuxlinux_kernelMatch3.2.2
ORlinuxlinux_kernelMatch3.2.3
ORlinuxlinux_kernelMatch3.2.4
ORlinuxlinux_kernelMatch3.2.5
ORlinuxlinux_kernelMatch3.2.6
ORlinuxlinux_kernelMatch3.2.7
ORlinuxlinux_kernelMatch3.2.8
ORlinuxlinux_kernelMatch3.2.9
ORlinuxlinux_kernelMatch3.2.10
ORlinuxlinux_kernelMatch3.2.11
ORlinuxlinux_kernelMatch3.2.12
ORlinuxlinux_kernelMatch3.2.13
ORlinuxlinux_kernelMatch3.2.14
ORlinuxlinux_kernelMatch3.2.15
ORlinuxlinux_kernelMatch3.2.16
ORlinuxlinux_kernelMatch3.2.17
ORlinuxlinux_kernelMatch3.2.18
ORlinuxlinux_kernelMatch3.2.19
ORlinuxlinux_kernelMatch3.2.20
ORlinuxlinux_kernelMatch3.2.21
ORlinuxlinux_kernelMatch3.2.22
ORlinuxlinux_kernelMatch3.2.23
ORlinuxlinux_kernelMatch3.2.24
ORlinuxlinux_kernelMatch3.2.25
ORlinuxlinux_kernelMatch3.2.26
ORlinuxlinux_kernelMatch3.2.27
ORlinuxlinux_kernelMatch3.2.28
ORlinuxlinux_kernelMatch3.2.29
ORlinuxlinux_kernelMatch3.2.30
ORlinuxlinux_kernelMatch3.3
ORlinuxlinux_kernelMatch3.3rc1
ORlinuxlinux_kernelMatch3.3rc2
ORlinuxlinux_kernelMatch3.3rc3
ORlinuxlinux_kernelMatch3.3rc4
ORlinuxlinux_kernelMatch3.3rc5
ORlinuxlinux_kernelMatch3.3rc6
ORlinuxlinux_kernelMatch3.3rc7
ORlinuxlinux_kernelMatch3.3.1
ORlinuxlinux_kernelMatch3.3.2
ORlinuxlinux_kernelMatch3.3.3
ORlinuxlinux_kernelMatch3.3.4
ORlinuxlinux_kernelMatch3.3.5
ORlinuxlinux_kernelMatch3.3.6
ORlinuxlinux_kernelMatch3.3.7
ORlinuxlinux_kernelMatch3.3.8
ORlinuxlinux_kernelMatch3.4
ORlinuxlinux_kernelMatch3.4rc1
ORlinuxlinux_kernelMatch3.4rc2
ORlinuxlinux_kernelMatch3.4rc3
ORlinuxlinux_kernelMatch3.4rc4
ORlinuxlinux_kernelMatch3.4rc5
ORlinuxlinux_kernelMatch3.4rc6
ORlinuxlinux_kernelMatch3.4rc7
ORlinuxlinux_kernelMatch3.4.1
ORlinuxlinux_kernelMatch3.4.2
ORlinuxlinux_kernelMatch3.4.3
ORlinuxlinux_kernelMatch3.4.4
ORlinuxlinux_kernelMatch3.4.5
ORlinuxlinux_kernelMatch3.4.6
ORlinuxlinux_kernelMatch3.4.7
ORlinuxlinux_kernelMatch3.4.8
ORlinuxlinux_kernelMatch3.4.9
ORlinuxlinux_kernelMatch3.4.10
ORlinuxlinux_kernelMatch3.4.11
ORlinuxlinux_kernelMatch3.4.12
ORlinuxlinux_kernelMatch3.4.13
ORlinuxlinux_kernelMatch3.4.14
ORlinuxlinux_kernelMatch3.4.15
ORlinuxlinux_kernelMatch3.4.16
ORlinuxlinux_kernelMatch3.4.17
ORlinuxlinux_kernelMatch3.4.18
ORlinuxlinux_kernelMatch3.4.19
ORlinuxlinux_kernelMatch3.4.20
ORlinuxlinux_kernelMatch3.4.21
ORlinuxlinux_kernelMatch3.4.22
ORlinuxlinux_kernelMatch3.4.23
ORlinuxlinux_kernelMatch3.4.24
ORlinuxlinux_kernelMatch3.4.25
ORlinuxlinux_kernelMatch3.4.26
ORlinuxlinux_kernelMatch3.4.27
ORlinuxlinux_kernelMatch3.4.28
ORlinuxlinux_kernelMatch3.4.29
ORlinuxlinux_kernelMatch3.4.30
ORlinuxlinux_kernelMatch3.4.31
ORlinuxlinux_kernelMatch3.4.32
ORlinuxlinux_kernelMatch3.5.1
ORlinuxlinux_kernelMatch3.5.2
ORlinuxlinux_kernelMatch3.5.3
ORlinuxlinux_kernelMatch3.5.4
ORlinuxlinux_kernelMatch3.5.5
ORlinuxlinux_kernelMatch3.5.6
ORlinuxlinux_kernelMatch3.5.7
ORlinuxlinux_kernelMatch3.6
ORlinuxlinux_kernelMatch3.6.1
ORlinuxlinux_kernelMatch3.6.2
ORlinuxlinux_kernelMatch3.6.3
ORlinuxlinux_kernelMatch3.6.4
ORlinuxlinux_kernelMatch3.6.5
ORlinuxlinux_kernelMatch3.6.6
ORlinuxlinux_kernelMatch3.6.7
ORlinuxlinux_kernelMatch3.6.8
ORlinuxlinux_kernelMatch3.6.9
ORlinuxlinux_kernelMatch3.6.10
ORlinuxlinux_kernelMatch3.6.11
ORlinuxlinux_kernelMatch3.7
ORlinuxlinux_kernelMatch3.7.1
Node
redhatenterprise_linuxMatch5
ORredhatenterprise_linuxMatch6.0
ORredhatenterprise_mrgMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | 3.4.14 | cpe:/o:linux:linux_kernel:3.4.14::: |
| linux | linux_kernel | 3.6.5 | cpe:/o:linux:linux_kernel:3.6.5::: |
| linux | linux_kernel | 3.6.3 | cpe:/o:linux:linux_kernel:3.6.3::: |
| linux | linux_kernel | 3.4.9 | cpe:/o:linux:linux_kernel:3.4.9::: |
| linux | linux_kernel | 3.0.21 | cpe:/o:linux:linux_kernel:3.0.21::: |
| linux | linux_kernel | 3.1.6 | cpe:/o:linux:linux_kernel:3.1.6::: |
| linux | linux_kernel | 3.0.44 | cpe:/o:linux:linux_kernel:3.0.44::: |
| linux | linux_kernel | 3.4.29 | cpe:/o:linux:linux_kernel:3.4.29::: |
| linux | linux_kernel | 3.2.7 | cpe:/o:linux:linux_kernel:3.2.7::: |
| linux | linux_kernel | 3.4.4 | cpe:/o:linux:linux_kernel:3.4.4::: |
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e9a9a1ad619e7e987815d20262d36a2f95717ca
lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3
www.openwall.com/lists/oss-security/2013/04/26/16
bugzilla.redhat.com/show_bug.cgi?id=957123
github.com/torvalds/linux/commit/0e9a9a1ad619e7e987815d20262d36a2f95717ca
Related
nvd
nvd
CVE-2013-2015
2013-04-29 14:55:04
CVE-2015-7509
2015-12-28 11:59:01
ubuntucve
ubuntucve
CVE-2013-2015
2013-04-29 00:00:00
CVE-2015-7509
2015-12-28 00:00:00
cvelist
cvelist
CVE-2013-2015
2013-04-29 10:00:00
CVE-2015-7509
2015-12-28 11:00:00
debiancve
debiancve
CVE-2013-2015
2013-04-29 14:55:04
CVE-2015-7509
2015-12-28 11:59:01
prion
prion
Design/Logic Flaw
2013-04-29 14:55:00
Design/Logic Flaw
2015-12-28 11:59:00
cve
cve
CVE-2015-7509
2015-12-28 11:59:01
f5
f5
K73189318 : Linux kernel vulnerability CVE-2015-7509
2016-01-28 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : kernel (MDVSA-2013:265)
2013-11-11 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3566)
2016-05-23 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3567)
2016-05-23 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:265 ] kernel
2013-11-13 00:00:00
Linux kernel security vulnerabilities
2013-11-26 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0343)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2013-0345)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2013-0342)
2022-01-28 00:00:00
mageia
mageia
Updated kernel package fixes security vulnerabilites.
2013-11-22 22:57:32
Updated kernel-linus package fixes security vulnerabilites.
2013-11-22 23:00:03
Updated kernel-vserver package fixes security vulnerabilites.
2013-11-22 23:06:50
debian
debian
[SECURITY] [DSA 2669-1] linux security update
2013-05-16 02:48:53
[SECURITY] [DSA 2668-1] linux-2.6 security update
2013-05-14 19:14:29
osv
osv
linux - several
2013-05-15 00:00:00
linux-2.6 - several
2013-05-14 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2016-05-03 19:07:56
Security update for the Linux Kernel (important)
2016-08-15 16:08:51
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
26.7%
Related for CVE-2013-2015