Bug 158783 (CVE-2006-5823)

Summary:

Linux 2.6.x zlib_inflate memory corruption (CVE-2006-5823)

Product:

Gentoo Security

Reporter:

Daniel Drake (RETIRED) <dsd>

Component:

Kernel

Assignee:

Gentoo Security <security>

Status:

RESOLVED FIXED

Severity:

normal

CC:

gentoomail, unnamedrambler

Priority:

High

Version:

unspecified

Hardware:

All

OS:

Linux

URL:

http://projects.info-pull.com/mokb/MOKB-07-11-2006.html

Whiteboard:

[linux < 2.6.19.2][gp < 2.6.18-8][gp >= 2.6.19-1 < 2.6.19-4][gentoo >= 2.6.19 < 2.6.19-r3]

Package list:

Runtime testing required:

---

Attachments:

Description	Flags
patch	none

Description Daniel Drake (RETIRED) gentoo-dev

2006-12-21 18:48:15 UTC

Linux 2.6.x zlib_inflate function can be abused by filesystems that depend on zlib compression, such as cramfs. A failure to handle crafted data, result of a read operation in a corrupted filesystem stream, may lead to memory corruption and potential arbitrary code execution.

Comment 1 Daniel Drake (RETIRED) gentoo-dev

2006-12-23 08:33:41 UTC

Created attachment 104639 [details, diff]
patch

Comment 2 Daniel Drake (RETIRED) gentoo-dev

2007-01-01 20:14:25 UTC

*** Bug 154432 has been marked as a duplicate of this bug. ***

Comment 3 Daniel Drake (RETIRED) gentoo-dev

2007-01-05 06:31:57 UTC

Fixed versions:
gentoo-sources-2.6.18-r6
genpatches-2.6.18-8
gentoo-sources-2.6.19-r3
genpatches-2.6.19-4

Comment 4 unnamedrambler 2008-03-07 01:08:36 UTC

Proposed metadata:
[linux < 2.6.19.2] via http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.2
[gp < 2.6.18-8]
[gp > 2.6.18-8 < 2.6.19-4]
the following may be redundant:
[gentoo < 2.6.18-r6]
[gentoo > 2.6.18-r6 < 2.6.19-4]

Comment 5 unnamedrambler 2008-03-07 01:12:44 UTC

Woo.. this was the first go so please excuse my mistake:
[gentoo > 2.6.18-r6 < 2.6.19-4] should read
[gentoo > 2.6.18-r6 < 2.6.19-r3]