Your submission was sent successfully! Close

CVE-2008-3534

Published: 8 August 2008

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count.

From the Ubuntu security team

It was discovered that the tmpfs implementation did not correctly handle certain sequences of inode operations. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy
Released (2.6.24-21.43)
upstream
Released (2.6.27~rc4)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-52.73)
feisty Does not exist

gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.27~rc4)
linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Ignored
(end-of-life)
gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.27~rc4)
linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy
Released (2.6.22-15.59)
hardy Does not exist

upstream
Released (2.6.27~rc4)