CVE-2009-0269 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0269): fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
hardened-kernel unaffected at present time. Removing alias. PS: Anything using >=genpatches-2.6.27-10 is unaffected (with the sole exception of genpatches-2.6.28-1
I thought hardened had already taken care of this one with regard to the older kernel versions but apparently not. Adding back hardened-kernel; apologies for the noise. Note: this issue is not addressed in any stable patch or genpatches release for either 2.6.25 or 2.6.26. However, the patch does apply.