Bug 217018 - CVE-2006-6054 ext2_check_page denial of service
CVE-2006-6054 ext2_check_page denial of service
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.0
All Linux
medium Severity low
: ---
: ---
Assigned To: Eric Sandeen
Brian Brock
impact=low,source=internet,reported=2...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-11-23 03:01 EST by Marcel Holtmann
Modified: 2007-11-30 17:07 EST (History)
2 users (show)

See Also:
Fixed In Version: RC
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-02-07 19:53:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marcel Holtmann 2006-11-23 03:01:16 EST
From MOKB-12-11-2006:

http://projects.info-pull.com/mokb/MOKB-12-11-2006.html

The ext2 filesystem code fails to properly handle corrupted data structures,
leading to an exploitable denial of service issue when read operation is being
done on a crafted fs stream.
Comment 2 Eric Sandeen 2007-01-02 12:21:45 EST
I have a patch for this in -mm now so fine w/ me for devel ack.  Will post it soon.
Comment 4 Jay Turner 2007-01-04 07:31:31 EST
QE ack for RHEL5.
Comment 5 Jay Turner 2007-01-10 10:51:01 EST
Built into 2.6.18-1.3002.el5.
Comment 7 Don Zickus 2007-01-10 18:53:01 EST
in 2.6.18-1.3002.el5
Comment 8 RHEL Product and Program Management 2007-02-07 19:53:12 EST
A package has been built which should help the problem described in 
this bug report. This report is therefore being closed with a resolution 
of CURRENTRELEASE. You may reopen this bug report if the solution does 
not work for you.

Note You need to log in before you can comment on or make changes to this bug.