blob: 04b06f854a28879015c80b4cbf219c7a770239d0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Candidate: CVE-2009-2407
Description:
Ramon de Carvalho Valle discovered that eCryptfs did not correctly
validate certain buffer sizes. A local attacker could create specially
crafted eCryptfs files to crash the system or gain elevated privileges.
References:
http://www.ubuntu.com/usn/usn-807-1
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.31-rc5) [f151cd2c54ddc7714e2f740681350476cda03a28]
linux-2.6: released (2.6.30-5) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.18-etch-security: N/A "no ecryptfs"
2.6.24-etch-security: released (2.6.24-6~etchnhalf.8etch2) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.26-lenny-security: released (2.6.26-17lenny1) [bugfix/all/ecryptfs-parse_tag_3_packet-check-tag-3-package-encrypted-key-size.patch]
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security:
|
