CVE-2012-3400

Linux Kernel < 3.4.5 - Heap-Based Buffer Overflow in UDF Filesystem Handling

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.

References (15)

Core 15
Core References
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1556-1
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/07/10/2
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1557-1
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=843139
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1555-1
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://ubuntu.com/usn/usn-1529-1
Third Party Advisory x_refsource_confirm
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0594.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50506
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Scores

EPSS 0.0881
EPSS Percentile 94.5%

Details

CWE
CWE-787
Status published
Products (4)
canonical/ubuntu_linux 10.04
canonical/ubuntu_linux 11.04
canonical/ubuntu_linux 12.04
linux/linux_kernel < 3.0.37
Published Oct 03, 2012
Tracked Since Feb 18, 2026