Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 155355

Summary: kernel: gfs2 init_journal denial of service
Product: Gentoo Security Reporter: Jule Slootbeek <jslootbeek>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Other   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6057
Whiteboard: [2.6 < 2.6.18]
Package list:
Runtime testing required: ---

Description Jule Slootbeek 2006-11-16 06:45:13 UTC 
Month of Kernel Bugs reports the following Denial of Service vulnerability in 2.6.x kernels patched with GFS2 support.

Linux 2.6.x gfs2 filesystem code fails to properly handle corrupted data structures, leading to an exploitable denial of service issue when a crafted stream is being mounted. This particular vulnerability is caused by a NULL pointer dereference in the init_journal function.
Comment 1 Jule Slootbeek 2006-11-27 05:32:27 UTC 
CVE-2006-6057 created: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6057
Comment 2 Daniel Drake (RETIRED) gentoo-dev 2007-01-01 20:16:19 UTC 

*** This bug has been marked as a duplicate of 158787 ***