Jan Kara

9 exploits Active since Oct 2012
CVE-2014-9728 WRITEUP WRITEUP
Linux Kernel < 3.18.1 - Denial of Service via UDF Filesystem Length Validation
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
CVE-2012-3400 WRITEUP WRITEUP
Linux Kernel < 3.4.5 - Heap-Based Buffer Overflow in UDF Filesystem Handling
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.
CVE-2014-9728 WRITEUP WRITEUP
Linux Kernel < 3.18.1 - Denial of Service via UDF Filesystem Length Validation
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
CVE-2015-8952 WRITEUP MEDIUM WRITEUP
Linux Kernel < 4.5.7 - Denial of Service via mbcache Xattr Block Caching
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.
CVSS 5.5
CVE-2012-6548 WRITEUP WRITEUP
Linux Kernel < 3.6 - Information Exposure via udf_encode_fh
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
CVE-2012-6549 WRITEUP WRITEUP
Linux Kernel < 3.6 - Information Exposure via isofs_export_encode_fh
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
CVE-2013-1848 WRITEUP WRITEUP
Linux Kernel < 3.8.3 - Local Privilege Escalation via Format String in ext3 Superblock Handling
fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.
CVE-2015-4167 WRITEUP WRITEUP
Linux Kernel < 3.19.1 - Denial of Service via UDF Filesystem Inode Length Validation
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
CVE-2017-7495 WRITEUP MEDIUM WRITEUP
Linux kernel <4.6.2 - Info Disclosure
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file.
CVSS 5.5