CVE-2012-3400

Description

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.

How to fix CVE-2012-3400

To remediate CVE-2012-3400, upgrade the affected package to a fixed version below.

• Debian/linux—upgrade to 3.2.23-1 or later

Is CVE-2012-3400 being exploited?

Moderate — EPSS is 8.8%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 3.2.23-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2012-3400