Lucene search

RedhatCVE-2013-2188

HistoryJul 16, 2013 - 2:08 p.m.

CVE-2013-2188

2013-07-1614:08:50

CWE-264

redhat

web.nvd.nist.gov

167

red hat

rhel 6

kernel

patch

denial of service

cve-2013-2188

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

7.1

Confidence

High

EPSS

Percentile

5.1%

JSON

A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain write permissions, which allows local users to cause a denial of service (system crash) by leveraging access to a filesystem that is mounted read-only.

Affected configurations

Nvd

Node

redhatenterprise_linuxMatch6.0

VendorProductVersionCPE
redhatenterprise_linux6.0cpe:/o:redhat:enterprise_linux:6.0:::

Vendor	Product	Version	CPE
redhat	enterprise_linux	6.0	cpe:/o:redhat:enterprise_linux:6.0:::

References

bugzilla.redhat.com/show_bug.cgi?id=975406

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

7.1

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2013-2188