CVE-2012-2150
NONE EPSS 90.4%
Published Aug 25, 201510y ago · Modified Jun 16, 20262w ago
Published Aug 25, 2015 10y ago
Last Modified Jun 16, 2026 2w ago
Description
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
Threat Intelligence
EPSS Exploit Probability
90.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| sgi | xfsprogs | * | ≤3.2.3 |
References 11
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163690.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164180.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164189.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-08/msg00027.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-01/msg00007.html
- oss.sgi.com http://oss.sgi.com/pipermail/xfs/2015-July/042726.html
- openwall.com http://www.openwall.com/lists/oss-security/2015/07/23/12
- openwall.com http://www.openwall.com/lists/oss-security/2015/07/30/3
- oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- securityfocus.com http://www.securityfocus.com/bid/76013
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=817696
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.