Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-2406

Опубликовано: 28 июл. 2009
Источник: redhat
CVSS2: 7.2
EPSS Низкий

Описание

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

Отчет

The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG did not include support for eCryptfs, and therefore are not affected by this issue.

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-130->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=512861kernel: ecryptfs stack overflow in parse_tag_11_packet()

EPSS

Процентиль: 51%
0.00281
Низкий

7.2 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2009-2406

ubuntu
почти 16 лет назад

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

nvd логотип

CVE-2009-2406

nvd
почти 16 лет назад

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

debian логотип

CVE-2009-2406

debian
почти 16 лет назад

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ ...

github логотип

GHSA-86jh-hvhg-x8w9

github
около 3 лет назад

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

oracle-oval логотип

ELSA-2009-1193

oracle-oval
почти 16 лет назад

ELSA-2009-1193: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 51%
0.00281
Низкий

7.2 High

CVSS2