[kernel-sec-discuss] r1507 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Oct 6 21:58:39 UTC 2009
Author: gilbert-guest
Date: 2009-10-06 21:58:39 +0000 (Tue, 06 Oct 2009)
New Revision: 1507
Added:
active/CVE-2009-2908
Log:
new issue
Added: active/CVE-2009-2908
===================================================================
--- active/CVE-2009-2908 (rev 0)
+++ active/CVE-2009-2908 2009-10-06 21:58:39 UTC (rev 1507)
@@ -0,0 +1,18 @@
+Candidate: CVE-2009-2908
+Description:
+ When calling vfs_unlink() on the lower dentry, d_delete() turns the
+ dentry into a negative dentry when the d_count is 1. This eventually
+ caused a NULL pointer deref when a read() or write() was done and the
+ negative dentry's d_inode was dereferenced in
+ ecryptfs_read_update_atime() or ecryptfs_getxattr().
+References:
+ http://www.openwall.com/lists/oss-security/2009/10/06/1
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git;a=commit;h=afc2b6932f48f200736d3e36ad66fee0ec733136
+ https://bugzilla.redhat.com/show_bug.cgi?id=527534
+Notes:
+Bugs:
+upstream: released (2.6.31.2) [afc2b6932f48f200736d3e36ad66fee0ec733136], pending (2.6.32-rc3) [9c2d2056647790c5034d722bd24e9d913ebca73c]
+linux-2.6: needed
+2.6.18-etch-security:
+2.6.24-etch-security:
+2.6.26-lenny-security:
More information about the kernel-sec-discuss
mailing list