blob: 2d36440f0ace176aab970088edf2bd452c07f0c3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
Candidate: CVE-2005-3109
References:
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3109
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20050930
Category: SF
CONFIRM:http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
Description:
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to
cause a denial of service (oops) by using hfsplus to mount a
filesystem that is not hfsplus.
Notes:
Extra information from Moritz Muehlenhof:
Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
Asking upstream about 2.4: http://lkml.org/lkml/2005/10/7/3/index.html
dannf> Looks like, from the above thread, that 2.4 is not affected; marking
as such.
upstream: released (2.6.11.12)
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-hfs-oops-and-leak.dpatch]
2.4.27-sid/sarge: N/A
2.4.27-sarge-security: N/A
linux-2.6: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
2.4.18-woody-security-hppa: N/A
|