Back to search
CVE-2008-3275
Published: Aug 12, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-1630
vendor-advisory
x_refsource_DEBIAN
RHSA-2008:0885
vendor-advisory
x_refsource_REDHAT
USN-637-1
vendor-advisory
x_refsource_UBUNTU
[linux-kernel] 20080702 Is VFS behavior fine?
mailing-list
x_refsource_MLIST
32190
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6551
vdb-entry
signature
x_refsource_OVAL
DSA-1636
vendor-advisory
x_refsource_DEBIAN
31614
third-party-advisory
x_refsource_SECUNIA
31881
third-party-advisory
x_refsource_SECUNIA
32104
third-party-advisory
x_refsource_SECUNIA
31551
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2430
vdb-entry
x_refsource_VUPEN
RHSA-2008:0857
vendor-advisory
x_refsource_REDHAT
RHSA-2009:0014
vendor-advisory
x_refsource_REDHAT
SUSE-SA:2008:048
vendor-advisory
x_refsource_SUSE
1020739
vdb-entry
x_refsource_SECTRACK
33280
third-party-advisory
x_refsource_SECUNIA
33556
third-party-advisory
x_refsource_SECUNIA
30647
vdb-entry
x_refsource_BID
32023
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=457858
x_refsource_CONFIRM
MDVSA-2008:220
vendor-advisory
x_refsource_MANDRIVA
32344
third-party-advisory
x_refsource_SECUNIA
linux-kernel-ubifs-dos(44410)
vdb-entry
x_refsource_XF
RHSA-2008:0973
vendor-advisory
x_refsource_REDHAT
31836
third-party-advisory
x_refsource_SECUNIA
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.15
x_refsource_CONFIRM
RHSA-2008:0787
vendor-advisory
x_refsource_REDHAT
SUSE-SA:2008:049
vendor-advisory
x_refsource_SUSE
33201
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10744
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now