CVE-2008-4933 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-4933
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-4933

Description: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/46405 UBUNTU http://www.ubuntu.com/usn/usn-679-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html SAID Secunia Advisory: SA32918 Secunia Advisory: SA33180 Secunia Advisory: SA32510 Secunia Advisory: SA32998 Secunia Advisory: SA33641 Secunia Advisory: SA33704 Secunia Advisory: SA33556 Secunia Advisory: SA33858 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0014.html http://rhn.redhat.com/errata/RHSA-2009-0264.html MLIST http://www.openwall.com/lists/oss-security/2008/11/03/2 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:234 DEBIAN http://www.debian.org/security/2008/dsa-1687 http://www.debian.org/security/2008/dsa-1681 CONFIRM http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc1 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=efc7ffcb4237f8cb9938909041c4ed38f6e1bf40 BID 32093

Return to the previous page.