
Bug 158781

Summary: Linux 2.6.x squashfs double free (CVE-2006-5701)
Product: Gentoo Security
Reporter: Daniel Drake (RETIRED) <dsd>
Component: Kernel
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://projects.info-pull.com/mokb/MOKB-02-11-2006.html
Whiteboard: [gp <2.6.18-8] [gp >=2.6.19-1 <2.6.19-4]
Package list:
Runtime testing required: ---
Attachments:
Description: patch; Flags: none

Description Daniel Drake (RETIRED) gentoo-dev 2006-12-21 18:37:49 UTC
The squashfs module of the Linux kernel (2.6.x) fails to properly handle corrupted fs structures, leading to a denial of service and possible data corruption condition. A specially crafted squashfs image will cause the kernel to double free a buffer when a read operation is performed on the corrupted filesystem.

This affects all kernels that include genpatches-extras.
Comment 1 Daniel Drake (RETIRED) gentoo-dev 2006-12-23 08:07:29 UTC
Created attachment 104637: patch

Committed upstream but not yet released
Comment 2 Daniel Drake (RETIRED) gentoo-dev 2007-01-05 06:31:17 UTC
Fixed versions:
gentoo-sources-2.6.18-r6
genpatches-2.6.18-8
gentoo-sources-2.6.19-r3
genpatches-2.6.19-4
Comment 3 Harlan Lieberman-Berg (RETIRED) gentoo-dev 2007-05-21 23:40:16 UTC
Way out of version range. Closing.
Comment 4 Bjoern Tropf (RETIRED) gentoo-dev 2009-11-20 09:22:15 UTC
Reopen bug to apply a valid whiteboard.