QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-2406

Back to search

CVE-2009-2406

Published: Jul 31, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

VendorProductVersions

n/a

n/a

affected
n/a

References

35851
vdb-entry
x_refsource_BID
35985
third-party-advisory
x_refsource_SECUNIA
36131
third-party-advisory
x_refsource_SECUNIA
37471
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-8144
vendor-advisory
x_refsource_FEDORA
DSA-1844
vendor-advisory
x_refsource_DEBIAN
USN-807-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2009:1193
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:10072
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:8246
vdb-entry
signature
x_refsource_OVAL
SUSE-SR:2009:015
vendor-advisory
x_refsource_SUSE
FEDORA-2009-8264
vendor-advisory
x_refsource_FEDORA
36051
third-party-advisory
x_refsource_SECUNIA
36045
third-party-advisory
x_refsource_SECUNIA
36116
third-party-advisory
x_refsource_SECUNIA
MDVSA-2011:029
vendor-advisory
x_refsource_MANDRIVA
36054
third-party-advisory
x_refsource_SECUNIA
ADV-2009-2041
vdb-entry
x_refsource_VUPEN
DSA-1845
vendor-advisory
x_refsource_DEBIAN
1022663
vdb-entry
x_refsource_SECTRACK
ADV-2009-3316
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2009-2406 - Security Vulnerability | QwikSec