{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-11-01T00:00:00", "descriptions": [{"lang": "en", "value": "The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-28T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SUSE-SU-2012:0554", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe"}, {"name": "48898", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48898"}, {"name": "1026325", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1026325"}, {"name": "50663", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/50663"}, {"name": "[oss-security] 20111111 CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/11/11/6"}, {"tags": ["x_refsource_MISC"], "url": "http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"}, {"name": "[oss-security] 20111113 Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/11/13/4"}, {"name": "SUSE-SU-2015:0812", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:01:51.166Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2012:0554", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe"}, {"name": "48898", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48898"}, {"name": "1026325", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1026325"}, {"name": "50663", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/50663"}, {"name": "[oss-security] 20111111 CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/11/11/6"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"}, {"name": "[oss-security] 20111113 Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/11/13/4"}, {"name": "SUSE-SU-2015:0812", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4132", "datePublished": "2012-01-27T15:00:00", "dateReserved": "2011-10-18T00:00:00", "dateUpdated": "2024-08-07T00:01:51.166Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "matchCriteriaId": "A53FF936-C785-4CEF-BAD0-3C3EB90EE466", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\""}, {"lang": "es", "value": "La funci\u00f3n cleanup_journal_tail en la funcionalidad JBD (Journaling Block Device) del kernel de Linux v2.6 permite a usuarios locales provocar una denegaci\u00f3n de servicio (error de aserci\u00f3n y fallo del kernel) a trav\u00e9s de una imagen ext3 o ext4 con un \"valor del primero bloque de registro no v\u00e1lido.\""}], "id": "CVE-2011-4132", "lastModified": "2024-11-21T01:31:54.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-01-27T15:55:04.423", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48898"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1026325"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/11/11/6"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/11/13/4"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/50663"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48898"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1026325"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/11/11/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/11/13/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/50663"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0007", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-274.17.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-01-10T00:00:00Z"}, {"advisory": "RHSA-2012:0350", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-220.7.1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-03-06T00:00:00Z"}, {"advisory": "RHSA-2012:0010", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-0:2.6.33.9-rt31.79.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2012-01-10T00:00:00Z"}, {"advisory": "RHSA-2012:0333", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-0:3.0.18-rt34.53.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2012-02-23T00:00:00Z"}], "bugzilla": {"description": "kernel: jbd/jbd2: invalid value of first log block leads to oops", "id": "753341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"}, "csaw": false, "cvss": {"cvss_base_score": "4.7", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\""], "name": "CVE-2011-4132", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:rhel_eus:6.2", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux Extended Update Support 6.2"}], "public_date": "2011-11-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-4132\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-4132"], "statement": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat\nEnterprise Linux 4 is now in Production 3 of the maintenance life-cycle,\nhttps://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates.", "threat_severity": "Moderate"}