{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2013-03-01T11:00:00Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}, {"name": "[oss-security] 20111024 Re: CVE Request -- kernel: ext4: ext4_ext_insert_extent() kernel oops", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/10/24/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747942"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:37:48.577Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}, {"name": "[oss-security] 20111024 Re: CVE Request -- kernel: ext4: ext4_ext_insert_extent() kernel oops", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/10/24/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747942"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-3638", "state": "PUBLISHED", "dateReserved": "2011-09-21T00:00:00Z", "datePublished": "2013-03-01T11:00:00Z", "dateUpdated": "2024-08-06T23:37:48.577Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0135A6D-9FB7-4E1B-B471-914E37494942", "versionEndExcluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations."}, {"lang": "es", "value": "fs/ext4/extents.c en el kernel de Linux anterior a v3.0 no marca una medida de lo modificado como sucio (\"dirty\") en determinados casos de \"extent splitting\", permitiendo a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores relacionados con ext4 umount y operaciones de montaje."}], "id": "CVE-2011-3638", "lastModified": "2023-02-13T04:32:40.607", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-01T12:37:54.053", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/10/24/2"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747942"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Zheng Liu for reporting this issue.", "affected_release": [{"advisory": "RHSA-2012:0107", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-274.18.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-02-09T00:00:00Z"}, {"advisory": "RHSA-2012:0517", "cpe": "cpe:/o:redhat:rhel_eus:5.6", "package": "kernel-0:2.6.18-238.37.1.el5", "product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only", "release_date": "2012-04-24T00:00:00Z"}, {"advisory": "RHSA-2011:1530", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-220.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-12-05T00:00:00Z"}, {"advisory": "RHSA-2012:0116", "cpe": "cpe:/o:redhat:rhel_eus:6.1", "package": "kernel-0:2.6.32-131.25.1.el6", "product_name": "Red Hat Enterprise Linux 6.1 EUS - Server Only", "release_date": "2012-02-15T00:00:00Z"}], "bugzilla": {"description": "kernel: ext4: ext4_ext_insert_extent() kernel oops", "id": "747942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747942"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations."], "name": "CVE-2011-3638", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2011-09-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-3638\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3638"], "statement": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for EXT4 filesystem. It did not affect the Linux kernel as shipped with Red Hat Enterprise MRG as it has backported the upstream commit 667eff35 that addressed this issue. This has been addressed in Red Hat Enterprise Linux 5 and 6 via https://rhn.redhat.com/errata/RHSA-2012-0107.html and https://rhn.redhat.com/errata/RHSA-2011-1530.html.", "threat_severity": "Moderate"}