blob: 840633425afda8e36aa52dbfc819851fcdc41587 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
Candidate: CVE-2005-0400
References:
BUGTRAQ:20050401 Information leak in the Linux kernel ext2 implementation
URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2
MISC:http://arkoon.net/advisories/ext2-make-empty-leak.txt
FEDORA:FLSA:152532
URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
UBUNTU:USN-103-1
URL:http://www.ubuntulinux.org/support/documentation/usn/usn-103-1
XF:kernel-ext2-information-disclosure(19866)
URL:http://xforce.iss.net/xforce/xfdb/19866
CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6
SECUNIA:14713
URL:http://secunia.com/advisories/14713/
Description:
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not
properly initialize memory when creating a block for a new directory entry,
which allows local users to obtain potentially sensitive information by
reading the block.
Notes:
Bugs: 301799 303294
upstream: released (2.6.11.6)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [fs-ext2-info-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [156_fs-ext2-info-leak.diff]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa:
|