CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
9.8%
Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file that is larger than 2 Gb.
Vendor | Product | Version | CPE |
---|---|---|---|
matt_blaze | cryptographic_file_system | 1.4.1 | cpe:2.3:a:matt_blaze:cryptographic_file_system:1.4.1:*:*:*:*:*:*:* |