|
Message-ID: <Pine.GSO.4.64.1008161307540.1035@faron.mitre.org> Date: Mon, 16 Aug 2010 13:09:55 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request - kernel: integer overflow in ext4_ext_get_blocks() On Mon, 16 Aug 2010, Eugene Teo wrote: > This was reported by a customer. Integer overflow flaws were found in > ext4_ext_in_cache() and ext4_ext_get_blocks(). We managed to triggered the > case in ext4_ext_get_blocks() but did not attempt to try the other. This can > trigger a BUG() on certain configuration of ext4 file systems. > > Upstream commit: > http://git.kernel.org/linus/731eb1a03a8445cde2cb23ecfb3580c6fa7bb690 > > https://bugzilla.redhat.com/show_bug.cgi?id=624327 Use CVE-2010-3015 What does an attacker have to do to exploit this? Mount a crafted file system? - Steve
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.