Date: Thu, 18 Sep 2008 13:41:01 +0800 From: Eugene Teo <eteo@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2008-3528 Linux kernel ext directory corruption DoS The ext filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service. References: https://bugzilla.redhat.com/show_bug.cgi?id=459577 http://lkml.org/lkml/2008/9/13/98 http://lkml.org/lkml/2008/9/13/99 http://lkml.org/lkml/2008/9/17/371 The issue is not fixed upstream yet, but the patch has been added to -mm tree. I will update this email as soon as I know the commit hashes. This issue has been allocated with CVE-2008-3528. Thanks, Eugene -- Eugene Teo / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.