Rafal Wojtczuk of McAfee AVERT Research discovered multiple integer overflows in
e2fsprogs. These flaws could result in the execution of arbitrary code if a
program using libext2fs (e2fsck, dumpe2fs, pygrub) is used to process a
Under normal conditions this practice is not common. The most plausible attack
would be to leverage this flaw in a virtualized environment to gain access to dom0.
Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for responsibly disclosing these issues.
Created attachment 271731 [details]
Proposed upstream patch
This is public now:
Created attachment 280781 [details]
Final upstream patch
This issue was addressed in:
Red Hat Enterprise Linux: