NULL pointer dereference vulnerability in evm_update_evmxattr function in Linux kernel

NULL pointer dereference vulnerability in evm_update_evmxattr function in Linux kernel

CVE-2013-0313 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.