Your submission was sent successfully! Close

CVE-2008-3535

Published: 8 August 2008

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.

From the Ubuntu security team

It was discovered that the readv/writev functions did not correctly handle certain sequences of file operations. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy
Released (2.6.24-21.43)
upstream
Released (2.6.27~rc2)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Not vulnerable

feisty Does not exist

gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.27~rc2)
linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Not vulnerable

gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.27~rc2)
linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Not vulnerable

hardy Does not exist

upstream
Released (2.6.27~rc2)