Candidate: CVE-2009-2407
Description:
 Ramon de Carvalho Valle discovered that eCryptfs did not correctly
 validate certain buffer sizes.  A local attacker could create specially
 crafted eCryptfs files to crash the system or gain elevated privileges.
References:
 http://www.ubuntu.com/usn/usn-807-1
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.31-rc5) [f151cd2c54ddc7714e2f740681350476cda03a28]
linux-2.6: released (2.6.30-5) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.18-etch-security: N/A "no ecryptfs"
2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security: