Candidate: CVE-2005-0400
References: 
 BUGTRAQ:20050401 Information leak in the Linux kernel ext2 implementation
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2
 MISC:http://arkoon.net/advisories/ext2-make-empty-leak.txt
 FEDORA:FLSA:152532
 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
 UBUNTU:USN-103-1
 URL:http://www.ubuntulinux.org/support/documentation/usn/usn-103-1
 XF:kernel-ext2-information-disclosure(19866)
 URL:http://xforce.iss.net/xforce/xfdb/19866
 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6
 SECUNIA:14713
 URL:http://secunia.com/advisories/14713/
Description: 
 The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not
 properly initialize memory when creating a block for a new directory entry,
 which allows local users to obtain potentially sensitive information by
 reading the block.
Notes: 
Bugs: 301799 303294
upstream: released (2.6.11.6)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [fs-ext2-info-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [156_fs-ext2-info-leak.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
2.4.18-woody-security-hppa: