CVE-2013-6382

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 3.12.1

Description The issue is related to multiple buffer underflows in the XFS implementation in the Linux kernel, allowing local users with CAP SYS ADMIN capability to cause a denial of service or possibly have other impacts by leveraging the XFS IOC ATTRLIST BY HANDLE or XFS IOC ATTRLIST BY HANDLE 32 ioctl call with a crafted length value. This is related to the xfs attrlist by handle function in fs/xfs/xfs ioctl.c and the xfs compat attrlist by handle function in fs/xfs/xfs ioctl32.c. Local users with CAP SYS ADMIN privileges may be able to elevate their privileges when using the XFS file system.

Recommendations For Linux kernel versions through 3.12.1, consider updating to a version that contains a fix for this issue. As a temporary workaround, consider restricting the use of the XFS IOC ATTRLIST BY HANDLE and XFS IOC ATTRLIST BY HANDLE 32 ioctl calls to minimize the risk of exploitation. Additionally, restrict access to the xfs attrlist by handle and xfs compat attrlist by handle functions until a patch is available.