← voltar
CVE-2009-0745

CVE-2009-0745

EPSS 0.4%
The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://bugzilla.kernel.org/show_bug.cgi?id=12433http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fdff73f094e7220602cc3f8959c7230517976412http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.19http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.7http://rhn.redhat.com/errata/RHSA-2009-1243.htmlhttp://secunia.com/advisories/34394http://secunia.com/advisories/34981http://secunia.com/advisories/36562http://secunia.com/advisories/37471https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10942https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7765http://www.debian.org/security/2009/dsa-1749