[kernel-sec-discuss] r685 - active
Martin Pitt
mpitt at alioth.debian.org
Tue Jan 16 11:23:50 CET 2007
Author: mpitt
Date: 2007-01-16 11:23:50 +0100 (Tue, 16 Jan 2007)
New Revision: 685
Modified:
active/CVE-2006-6053
Log:
CVE-2006-6053: add upstream patch
Modified: active/CVE-2006-6053
===================================================================
--- active/CVE-2006-6053 2007-01-16 10:07:29 UTC (rev 684)
+++ active/CVE-2006-6053 2007-01-16 10:23:50 UTC (rev 685)
@@ -1,14 +1,17 @@
Candidate: CVE-2006-6053
References:
+ http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=40b851348fe9bf49c26025b34261d25142269b60
MISC:http://projects.info-pull.com/mokb/MOKB-10-11-2006.html
Description:
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause
a denial of service (crash) via an ext3 stream with malformed data structures.
Ubuntu-Description:
+ The ext3 file system driver did not properly handle corrupted data
+ structures. By mounting a specially crafted ext3 file system, a local
+ attacker could exploit this to crash the kernel.
Notes:
- Fixed by SuSE: http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Bugs:
-upstream:
+upstream: released (2.6.20-rc5)
linux-2.6:
2.6.18-etch: needed
2.6.8-sarge-security: needed
More information about the kernel-sec-discuss
mailing list