Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request -- kernel: xfs: potential buffer overflow in xfs_readlink()
From: Petr Matousek <pmatouse () redhat com>
Date: Wed, 26 Oct 2011 13:05:37 +0200

A flaw was found in the way Linux kernel's XFS filesystem implementation
handled links with pathname larger than MAXPATHLEN. When
CONFIG_XFS_DEBUG configuration option was not enabled when compiling
Linux kernel, an attacker able to mount malicious XFS image could use
this flaw to crash the system, or potentially, elevate his privileges
on that system.

Proposed upstream patch:


Petr Matousek / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]