Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 156403

Summary: Kernel: ReiserFS Sync Memory Corruption
Product: Gentoo Security Reporter: Jule Slootbeek <jslootbeek>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://projects.info-pull.com/mokb/MOKB-25-11-2006.html
Whiteboard: [2.6 < 2.6.?] UPSTREAM
Package list:
Runtime testing required: ---

Description Jule Slootbeek 2006-11-27 05:27:17 UTC 
MoKB reported the following vulnerability in the ReiserFS code.

The ReiserFS support code of Linux 2.6.x fails to properly handle crafted data structures, leading to an exploitable memory corruption condition when a sync is being done in a corrupted ReiserFS filesystem.
Comment 1 Harlan Lieberman-Berg (RETIRED) gentoo-dev 2006-12-08 18:54:39 UTC 
Status whiteboard was incorrectly entered -- mokb was showing it affected at least that version, not that it ended there.

MOKB says that there is no upstream fix yet, nor a CVE entry assigned.
Comment 2 Harlan Lieberman-Berg (RETIRED) gentoo-dev 2006-12-08 18:57:03 UTC 
I lied. CVE-2006-6128
Comment 3 Daniel Drake (RETIRED) gentoo-dev 2007-01-01 20:20:31 UTC 

*** This bug has been marked as a duplicate of 158790 ***