CVE-2012-2150

Impact:
Low
Public Date:
2015-07-23
CWE:
CWE-200
Bugzilla:
817696: CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw
It was discovered that the xfs_metadump tool of the xfsprogs suite did not fully adhere to the standards of obfuscation described in its man page. In case a user with the necessary privileges used xfs_metadump and relied on the advertised obfuscation, the generated data could contain unexpected traces of potentially sensitive information.

Find out more about CVE-2012-2150 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 1.2
Base Metrics AV:L/AC:H/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (xfsprogs) RHSA-2015:2151 2015-11-19

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 xfsprogs Will not fix
Red Hat Enterprise Linux 5 xfsprogs Will not fix
Last Modified