blob: 25356db56107d47b94bc94d538d4d4d95334ac1d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Candidate: CVE-2006-6053
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=40b851348fe9bf49c26025b34261d25142269b60
MISC:http://projects.info-pull.com/mokb/MOKB-10-11-2006.html
Description:
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause
a denial of service (crash) via an ext3 stream with malformed data structures.
Ubuntu-Description:
The ext3 file system driver did not properly handle corrupted data
structures. By mounting a specially crafted ext3 file system, a local
attacker could exploit this to crash the kernel.
Notes:
dannf> only the dir.c bit applies to 2.4
Bugs:
upstream: released (2.6.20-rc5)
linux-2.6: released (2.6.20-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-10) [bugfix/2.6.16.38]
2.6.8-sarge-security: released (2.6.8-16sarge7) [ext3-fsfuzz.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge6) [242_ext3-fsfuzz.diff]
2.6.12-breezy-security: released (2.6.12-10.43)
2.6.15-dapper-security: released (2.6.15-28.51)
2.6.17-edgy-security: released (2.6.17.1-11.35)
|