oss-sec mailing list archives

CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops

From: Petr Matousek <pmatouse () redhat com>
Date: Fri, 11 Nov 2011 23:50:02 +0100

A flaw was found in the way Linux kernel's Journaling Block Device (JBD)
handled invalid log first block value. An attacker able to mount
malicious ext3 or ext4 image could use this flaw to crash the system.

Upstream commit:
8762202dd0d6e46854f786bdb6fb3780a1625efe

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=753341

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops Petr Matousek (Nov 11)
- Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops Kurt Seifried (Nov 13)