Medium severity5.5NVD Advisory· Published May 17, 2012· Updated Apr 29, 2026
CVE-2012-0038
CVE-2012-0038
Description
Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.
Affected products
1Patches
2fa8b18edd752https://github.com/torvalds/linuxvia nvd-ref
093019cf1b18https://github.com/torvalds/linuxvia nvd-ref
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.9nvdMailing ListPatchVendor Advisory
- www.openwall.com/lists/oss-security/2012/01/10/11nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- github.com/torvalds/linux/commit/093019cf1b18dd31b2c3b77acce4e000e2cbc9cenvdPatchThird Party Advisory
- github.com/torvalds/linux/commit/fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bbanvdPatchThird Party Advisory
News mentions
0No linked articles in our index yet.