The gfs2 filesystem code fails to properly handle corrupted data structures,
leading to an exploitable denial of service issue when a crafted stream is being
mounted. This particular vulnerability is caused by a NULL pointer dereference
in the init_journal function.
Created attachment 144912 [details]
Created attachment 144947 [details]
New proposed patch
Built into 2.6.18-1.3002.el5.
A package has been built which should help the problem described in
this bug report. This report is therefore being closed with a resolution
of CURRENTRELEASE. You may reopen this bug report if the solution does
not work for you.