QwikSec

Security Database

CVE

CWE

Training

CVE-2008-3528

Published: Sep 27, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20080918 CVE-2008-3528 Linux kernel ext[234] directory corruption DoS

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

[linux-kernel] 20080918 Re: [PATCH 4/4] ext3: Avoid printk floods in the face of directory corruption

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_MANDRIVA

third-party-advisory

x_refsource_SECUNIA

[linux-kernel] 20080913 [PATCH 3/4] ext2: Avoid printk floods in the face of directory corruption

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

x_refsource_CONFIRM

SUSE-SA:2008:052

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

SUSE-SA:2008:053

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=459577

x_refsource_CONFIRM

kernel-errorreporting-dos(45720)

vdb-entry

x_refsource_XF

SUSE-SA:2008:056

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:8642

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:10852

vdb-entry

signature

x_refsource_OVAL

http://wiki.rpath.com/Advisories:rPSA-2008-0316

x_refsource_CONFIRM

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

[linux-kernel] 20080913 [PATCH 4/4] ext3: Avoid printk floods in the face of directory corruption

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2008:051

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2008:057

vendor-advisory

x_refsource_SUSE

SUSE-SR:2008:025

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_VUPEN

20081112 rPSA-2008-0316-1 kernel

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.