CVE-2013-1819 — Vulnetix

Try Vulnetix Request Demo

CVE-2013-1819 REJECTED

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map.

EPSS 0.05% · 17.0th percentile

Risk Scores

EPSS Score

0.05%

17.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	linux	0

Timeline

Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2013-1819 third-party-advisory
http://www.openwall.com/lists/oss-security/2013/03/05/9 third-party-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=918009 third-party-advisory
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eb178619f930fa2ba2348de332a1ff1c66a31424 third-party-advisory
https://ubuntu.com/security/notices/USN-1968-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1969-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1970-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1972-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1973-1 vendor-advisory
https://ubuntu.com/security/notices/USN-1975-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2013-1819 third-party-advisory

Open in Interactive Console →