blob: 6045237e9bffd7612451fde96444091c51c4b2db (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Candidate: CVE-2006-4813
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=152becd26e0563aefdbc4fd1fe491928efe92d1f
Description:
The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13
does not properly clear buffers during certain error conditions, which allows local
users to read portions of files that have been unlinked.
Ubuntu-Description:
Dmitriy Monakhov discovered an information leak in the
__block_prepare_write() function. During error recovery, this
function did not properly clear memory buffers which could allow
local users to read portions of unlinked files.
Notes:
dannf> I don't think 2.4 is affected because the BH_New bit is not
dannf> cleared after get_block returns - marking 2.4.27 N/A
Bugs:
upstream: released (2.6.13-rc1)
linux-2.6: released (2.6.13-1)
2.6.8-sarge-security: released (2.6.8-16sarge6) [__block_prepare_write-recovery.dpatch]
2.4.27-sarge-security: N/A
2.6.12-breezy-security: released (CVE-2006-4813)
2.6.15-dapper-security: released
2.6.17-edgy: released
|