CVE-2012-2150: Infoleak

Published Apr 30, 2012
·
Updated

Gabriel Vlasiu reported that xfsmetadump, part of the xfsprogs suite of tools for the XFS filesystem, did not properly obfuscate data. xfsmetadump properly obfuscates active metadata, but the rest of the space within that fs block comes through in the clear. This could lead to exposure of stale disk data via the produced metadump image.

The expectation of xfsmetadump is to obfuscate all but the shortest names in the metadata, as noted in the manpage:

By default, xfsmetadump obfuscates most file (regular file, directory and symbolic link) names and extended attribute names to allow the dumps to be sent without revealing confidential information. Extended attribute values are zeroed and no data is copied. The only exceptions are file or attribute names that are 4 or less characters in length. Also file names that span extents (this can only occur with the mkfs.xfs(8) options where -n size > -b size) are not obfuscated. Names between 5 and 8 characters in length inclusively are partially obfuscated.

While the xfsmetadump tool can be run by unprivileged users, it requires appropriate permissions to access block devices (such as root) where the sensitive data might be dumped. An unprivileged user, without access to the block device, could not use this flaw to obtain sensitive data they would not otherwise have permission to access.

Other sources

xfsmetadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.

MITRE

Affected Software

2 affected componentsFixes available
redhat/xfsprogs<3.2.4
3.2.4
SGI Xfsprogs<=3.2.3

Event History

Apr 30, 2012
Data Sourced
via Red Hat·10:55 PM
DescriptionSeverityAffected Software
Aug 25, 2015
CVE Published
via MITRE·05:00 PM
Data Sourced
via MITRE·05:00 PM
Description
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2012-2150?

CVE-2012-2150 is considered a medium severity vulnerability due to potential exposure of sensitive stale data.

2

How do I fix CVE-2012-2150?

To fix CVE-2012-2150, upgrade xfsprogs to version 3.2.4 or later.

3

What is affected by CVE-2012-2150?

CVE-2012-2150 affects xfsprogs versions up to 3.2.3 and all versions below 3.2.4.

4

What type of data exposure occurs with CVE-2012-2150?

CVE-2012-2150 can lead to the exposure of stale metadata that is not properly obfuscated.

5

Is CVE-2012-2150 specific to any filesystem?

Yes, CVE-2012-2150 specifically affects the XFS filesystem tools in the xfsprogs suite.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203