{
  "threat_severity" : "Moderate",
  "public_date" : "2013-01-21T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xfs: _xfs_buf_find oops on blocks beyond the filesystem end",
    "id" : "918009",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=918009"
  },
  "cvss" : {
    "cvss_base_score" : "3.8",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:S/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-476",
  "details" : [ "The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map." ],
  "statement" : "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5.\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Due to it's limited impact, this issue is not currently planned to be addressed in Red Hat Enterprise Linux 6.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2013-05-20T00:00:00Z",
    "advisory" : "RHSA-2013:0829",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-0:3.6.11.2-rt33.39.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-1819\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1819" ],
  "name" : "CVE-2013-1819",
  "csaw" : false
}