| 1 |
Candidate: CVE-2006-5757
|
| 2 |
References:
|
| 3 |
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e5657933863f43cc6bb76a54d659303dafaa9e58
|
| 4 |
Description:
|
| 5 |
Race condition in the __find_get_block_slow function in the ISO9660
|
| 6 |
filesystem in Linux 2.6.18 and possibly other versions allows local
|
| 7 |
users to cause a denial of service (infinite loop) by mounting a
|
| 8 |
crafted ISO9660 filesystem containing malformed data structures.
|
| 9 |
Ubuntu-Description:
|
| 10 |
A race condition was found in the grow_buffers() function. By mounting a
|
| 11 |
specially crafted ISO9660 or NTFS file system, a local attacker could
|
| 12 |
exploit this to trigger an infinite loop in the kernel, rendering the
|
| 13 |
machine unusable.
|
| 14 |
Notes:
|
| 15 |
http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
|
| 16 |
http://projects.info-pull.com/mokb/MOKB-19-11-2006.html
|
| 17 |
dannf> Tried the MOKB-05-11-2006 reproducer on 2.4.27/ia64 & no
|
| 18 |
dannf> infinite loop was triggered
|
| 19 |
jmm> 2.4.27 has range checks, marking N/A
|
| 20 |
Bugs:
|
| 21 |
upstream: released (2.6.19-rc2)
|
| 22 |
linux-2.6: released (2.6.18.dfsg.1-10) [2.6.16.38]
|
| 23 |
2.6.18-etch-security: released (2.6.18.dfsg.1-10) [2.6.16.38]
|
| 24 |
2.6.8-sarge-security: released (2.6.8-16sarge7) [__find_get_block_slow-race.dpatch]
|
| 25 |
2.4.27-sarge-security: N/A
|
| 26 |
2.6.12-breezy-security: released (2.6.12-10.43)
|
| 27 |
2.6.15-dapper-security: released (2.6.15-28.51)
|
| 28 |
2.6.17-edgy-security: released (2.6.17.1-11.35)
|
Parent Directory
| 
Revision Log