| 1 |
Candidate: CVE-2005-3109
|
| 2 |
References:
|
| 3 |
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3109
|
| 4 |
Final-Decision:
|
| 5 |
Interim-Decision:
|
| 6 |
Modified:
|
| 7 |
Proposed:
|
| 8 |
Assigned: 20050930
|
| 9 |
Category: SF
|
| 10 |
CONFIRM:http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
|
| 11 |
Description:
|
| 12 |
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to
|
| 13 |
cause a denial of service (oops) by using hfsplus to mount a
|
| 14 |
filesystem that is not hfsplus.
|
| 15 |
Notes:
|
| 16 |
Extra information from Moritz Muehlenhof:
|
| 17 |
Local DoS through oops by mounting a non-HFS+ filesystem as HFS+.
|
| 18 |
Asking upstream about 2.4: http://lkml.org/lkml/2005/10/7/3/index.html
|
| 19 |
dannf> Looks like, from the above thread, that 2.4 is not affected; marking
|
| 20 |
as such.
|
| 21 |
upstream: released (2.6.11.12)
|
| 22 |
2.6.8-sarge-security: released (2.6.8-16sarge1) [fs-hfs-oops-and-leak.dpatch]
|
| 23 |
2.4.27-sid/sarge: N/A
|
| 24 |
2.4.27-sarge-security: N/A
|
| 25 |
linux-2.6: N/A
|
| 26 |
2.4.19-woody-security: N/A
|
| 27 |
2.4.18-woody-security: N/A
|
| 28 |
2.4.17-woody-security: N/A
|
| 29 |
2.4.16-woody-security: N/A
|
| 30 |
2.4.17-woody-security-hppa: N/A
|
| 31 |
2.4.17-woody-security-ia64: N/A
|
| 32 |
2.4.18-woody-security-hppa: N/A
|
Parent Directory
| 
Revision Log