CVE-2013-2188 — Redhat Enterprise Linux vulnerability

CWE-2646 documents5 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 88.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Linux Debian Linux

Timeline

PublishedJul 16

Latest updateMay 14

Description

A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain write permissions, which allows local users to cause a denial of service (system crash) by leveraging access to a filesystem that is mounted read-only.

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages1 packages

▶debiandebian/linux

Also affects: Enterprise Linux 6.0

🔴Vulnerability Details

GHSA

GHSA-p5g4-c6vw-x6q8: A certain Red Hat patch to the do_filp_open function in fs/namei↗2022-05-14

▶

📋Vendor Advisories

Red Hat

kernel: fs: filp leak on ro filesystem↗2013-06-17

▶

Debian

CVE-2013-2188: linux - A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel...↗2013

▶

💬Community

Bugzilla

CVE-2013-6167 Mozilla: browser document.cookie DoS vulnerability↗2014-02-18

▶

Bugzilla

CVE-2013-2188 kernel: fs: filp leak on ro filesystem↗2013-06-18

▶