Failure to handle mounting of corrupt filesystem streams may lead to a local denial of service condition when SELinux hooks are enabled. This particular vulnerability is caused by a null pointer dereference in the superblock_doinit function.
Created attachment 104641 [details, diff] patch
Fixed in genpatches-2.6.18-8 (gentoo-sources-2.6.18-r6)
(In reply to comment #2) > Fixed in genpatches-2.6.18-8 (gentoo-sources-2.6.18-r6) Fixed with hardened-sources-2.6.18-r4.
ck-sources: Bump to .18 and genpatches 8, or .19. openvz-sources: Patch or bump to unaffected. rsbac-sources: Bump to .19 or genpatches 8. usermode-sources: Bump to .19 or genpatches 8. vserver-sources: Patch or bump to unaffected version or genpatches 8.
Whoosies. Thanks dsd. ;) mips-sources: bump to .18 and genpatches .8, or .19 xen-sources: Same goes for you.
*** Bug 155163 has been marked as a duplicate of this bug. ***
usermode is bumped to .8
rsbac-sources-2.6.19 is in cvs (~arch)
Thanks, this is fixed in xen-sources-2.6.16.28-r2, which will hit the tree in a few hours (just waiting for the mirrors to update before I commit the ebuild).
only remaining vulnerable package is openvz-sources
Closing. It's been open long enough, and openvz is iffy about supported anyway.