Red Hat Bugzilla – Bug 470769
CVE-2008-5025 kernel: hfs: fix namelength memory corruption
Last modified: 2010-12-23 19:32:44 EST
From: Eric Sesterhenn: Fix a stack corruption caused by a corrupted hfs filesystem. If the catalog name length is corrupted the memcpy overwrites the catalog btree structure. Since the field is limited to HFS_NAMELEN bytes in the
structure and the file format, we throw an error if it is too long.
Proposed upstream patch:
Created attachment 323040 [details]
Proposed upstream patch
*** Bug 469652 has been marked as a duplicate of this bug. ***
kernel-126.96.36.199-57.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This was addressed via:
Red Hat Enterprise Linux version 4 (RHSA-2009:0014)
Red Hat Enterprise Linux version 5 (RHSA-2009:0264)