oss-sec mailing list archives
Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
From: Josh Bressers <bressers () redhat com>
Date: Wed, 9 Jun 2010 08:42:20 -0400 (EDT)
----- "Eugene Teo" <eugene () redhat com> wrote:
Using the EXT4_IOC_MOVE_EXT ioctl, it is possible to overwrite the contents of an append-only donor file. http://git.kernel.org/linus/1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 https://bugzilla.redhat.com/show_bug.cgi?id=601006
Sorry for the delay.
Please use CVE-2010-2066
Thanks
--
JB
Current thread:
- CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files Eugene Teo (Jun 06)
- Re: CVE request - kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files Josh Bressers (Jun 09)