155355 – kernel: gfs2 init_journal denial of service

Bug 155355 - kernel: gfs2 init_journal denial of service

Summary: kernel: gfs2 init_journal denial of service

Status:	RESOLVED DUPLICATE of bug 158787

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Other

Importance:	High normal
Assignee:	Gentoo Security

URL:	http://cve.mitre.org/cgi-bin/cvename....
Whiteboard:	[2.6 < 2.6.18]
Keywords:

Depends on:
Blocks:

Reported:	2006-11-16 06:45 UTC by Jule Slootbeek
Modified:	2007-01-01 20:16 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jule Slootbeek 2006-11-16 06:45:13 UTC

Month of Kernel Bugs reports the following Denial of Service vulnerability in 2.6.x kernels patched with GFS2 support.

Linux 2.6.x gfs2 filesystem code fails to properly handle corrupted data structures, leading to an exploitable denial of service issue when a crafted stream is being mounted. This particular vulnerability is caused by a NULL pointer dereference in the init_journal function.

Comment 1 Jule Slootbeek 2006-11-27 05:32:27 UTC

CVE-2006-6057 created: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6057

Comment 2 Daniel Drake (RETIRED) gentoo-dev

2007-01-01 20:16:19 UTC


*** This bug has been marked as a duplicate of 158787 ***