Your submission was sent successfully! Close

CVE-2008-3528

Published: 27 September 2008

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

Priority

Negligible

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy Ignored

intrepid Not vulnerable

upstream Needed

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Ignored

feisty Does not exist

gutsy Does not exist

hardy Does not exist

intrepid Does not exist

upstream Needed

linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Ignored

gutsy Does not exist

hardy Does not exist

intrepid Does not exist

upstream Needed

linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Ignored

hardy Does not exist

intrepid Does not exist

upstream Needed