ALT-PU-2015-2168-1
Closed vulnerabilities
Published: 2015-08-25
Modified: 2016-12-07
Modified: 2016-12-07
CVE-2012-2150
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
Severity: MEDIUM (5.0)
References:
- [xfs] 20150729 [ANNOUNCE] xfsprogs: v3.2.4 released
- https://bugzilla.redhat.com/show_bug.cgi?id=817696
- FEDORA-2015-12406
- FEDORA-2015-12380
- openSUSE-SU-2015:1429
- FEDORA-2015-12435
- [oss-security] 20150730 Re: CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw
- [oss-security] 20150723 CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 76013
- openSUSE-SU-2016:0018