blob: 20ee77c9411d756042705e2b199360093f3385dd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Candidate: CVE-2005-0124
References:
MLIST:[linux-kernel] 20041216 [Coverity] Untrusted user data in kernel
URL:http://seclists.org/lists/linux-kernel/2004/Dec/3914.html
MLIST:[linux-kernel] 20050105 Re: [Coverity] Untrusted user data in kernel
URL:http://seclists.org/lists/linux-kernel/2005/Jan/1089.html
MLIST:[linux-kernel] 20050107 [PATCH 2.4.29-pre3-bk4] fs/coda Re: [Coverity] Untrusted user data in kernel
URL:http://seclists.org/lists/linux-kernel/2005/Jan/2018.html
MLIST:[linux-kernel] 20050107 [PATCH 2.6.10-mm2] fs/coda Re: [Coverity] Untrusted user data in kernel
URL:http://seclists.org/lists/linux-kernel/2005/Jan/2020.html
Description:
The coda_pioctl function in the coda functionality (pioctl.c) for Linux
kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial
of service (crash) or execute arbitrary code via negative vi.in_size or
vi.out_size values, which may trigger a buffer overflow.
Notes:
Bugs:
upstream: released (2.6.11)
linux-2.6.16: N/A
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [fs_coda_coverty.dpatch]
2.4.27-sarge-security: released (2.4.27-8)
|