Bug 217008 - CVE-2006-6057 gfs2 init_journal denial of service
CVE-2006-6057 gfs2 init_journal denial of service
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.0
All Linux
medium Severity low
: ---
: ---
Assigned To: Russell Cattelan
Brian Brock
impact=low,source=internet,reported=2...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-11-23 00:50 EST by Marcel Holtmann
Modified: 2007-11-30 17:07 EST (History)
4 users (show)

See Also:
Fixed In Version: RC
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-02-07 19:52:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed fix (1.38 KB, patch)
2007-01-05 11:28 EST, Russell Cattelan
no flags Details | Diff
New proposed patch (1.66 KB, patch)
2007-01-05 19:12 EST, Russell Cattelan
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Linux Kernel 7738 None None None Never

  None (edit)
Description Marcel Holtmann 2006-11-23 00:50:01 EST
From MOKB-15-11-2006:

http://projects.info-pull.com/mokb/MOKB-15-11-2006.html

The gfs2 filesystem code fails to properly handle corrupted data structures,
leading to an exploitable denial of service issue when a crafted stream is being
mounted. This particular vulnerability is caused by a NULL pointer dereference
in the init_journal function.
Comment 4 Russell Cattelan 2007-01-05 11:28:22 EST
Created attachment 144912 [details]
Proposed fix
Comment 6 Russell Cattelan 2007-01-05 19:12:38 EST
Created attachment 144947 [details]
New proposed patch
Comment 7 Jay Turner 2007-01-10 10:26:31 EST
Built into 2.6.18-1.3002.el5.
Comment 9 Don Zickus 2007-01-10 18:56:06 EST
in 2.6.18-1.3002.el5
Comment 10 RHEL Product and Program Management 2007-02-07 19:52:05 EST
A package has been built which should help the problem described in 
this bug report. This report is therefore being closed with a resolution 
of CURRENTRELEASE. You may reopen this bug report if the solution does 
not work for you.

Note You need to log in before you can comment on or make changes to this bug.