Candidate: CVE-2009-0787
Description:
 The ecryptfs_write_metadata_to_contents function in the eCryptfs
 functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an
 incorrect size when writing kernel memory to an eCryptfs file
 header, which triggers an out-of-bounds read and allows local
 local users to obtain portions of kernel memory.
References:
 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=8faece5f906725c10e7a1f6caf84452abadbdc7b
 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9
Ubuntu-Description:
Notes:
 dannf> Supposedly only affects 2.6.28
Bugs:
upstream: released (2.6.28.9, 2.6.29)
linux-2.6: released (2.6.29-1)
2.6.18-etch-security: N/A
2.6.24-etch-security: N/A
2.6.26-lenny-security: N/A
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security: