blob: 12c27899a9879a37420e1ee4f1ce6f4b2c320066 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Candidate: CVE-2007-2878
References:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.2
Description:
The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run
on a 64-bit system, allow local users to corrupt a kernel_dirent struct
and cause a denial of service (system crash) via unknown vectors.
Ubuntu-Description:
Luca Tettamanti discovered a flaw in the VFAT compat ioctls on 64-bit
systems. A local attacker could corrupt a kernel_dirent struct and cause
a denial of service.
Notes:
dannf> reproduced in etch using reproducer provided in the changeset
dannf> backporting the fix only proved hazardous as there was some recent
dannf> restructuring - i've elected to backport that as well
dannf> (fat-move-ioctl-compat-code.patch)
dannf> marking sarge kernels as N/A because amd64 wasn't officially supported
dannf> and the backport is non-trivial (read: risk outweighs benefit)
dannf>
dannf> reverted from etch-security branch in r9295 due to ABI change
Bugs:
upstream: released (2.6.21.2)
linux-2.6: released (2.6.21-3)
2.6.18-etch-security: released (2.6.18.dfsg.1-17etch1) [bugfix/fat-move-ioctl-compat-code.patch, bugfix/fat-fix-compat-ioctls.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-28.57)
2.6.17-edgy-security: released (2.6.17.1-11.39) [6dbbec837f43196339b1638dc799d898fcba9302]
2.6.20-feisty-security: released (2.6.20-16.31) [5825ab378271ac6ead26504a46b0d404b63592dc]
|