Описание
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.
Отчет
Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2009-4021 The Linux kernel packages as shipped with Red Hat Enterprise Linux 3 and 4 do not include support for FUSE, and therefore are not affected by this issue. A future kernel update for Red Hat Enterprise MRG will address this flaw.
Дополнительная информация
Статус:
4.6 Medium
CVSS2
Связанные уязвимости
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in ...
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.
ELSA-2010-0046: kernel security and bug fix update (IMPORTANT)
4.6 Medium
CVSS2