QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-2407

Back to search

CVE-2009-2407

Published: Jul 31, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet.

VendorProductVersions

n/a

n/a

affected
n/a

References

35985
third-party-advisory
x_refsource_SECUNIA
36131
third-party-advisory
x_refsource_SECUNIA
37471
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-8144
vendor-advisory
x_refsource_FEDORA
DSA-1844
vendor-advisory
x_refsource_DEBIAN
USN-807-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2009:1193
vendor-advisory
x_refsource_REDHAT
SUSE-SR:2009:015
vendor-advisory
x_refsource_SUSE
FEDORA-2009-8264
vendor-advisory
x_refsource_FEDORA
36051
third-party-advisory
x_refsource_SECUNIA
35850
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:11255
vdb-entry
signature
x_refsource_OVAL
36045
third-party-advisory
x_refsource_SECUNIA
36116
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:8057
vdb-entry
signature
x_refsource_OVAL
36054
third-party-advisory
x_refsource_SECUNIA
ADV-2009-2041
vdb-entry
x_refsource_VUPEN
DSA-1845
vendor-advisory
x_refsource_DEBIAN
ADV-2009-3316
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now