Back to search
CVE-2009-4307
Published: Dec 13, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38276
third-party-advisory
x_refsource_SECUNIA
[linux-kernel] 20091209 [GIT PULL] ext4 updates for v2.6.33
mailing-list
x_refsource_MLIST
RHSA-2010:0380
vendor-advisory
x_refsource_REDHAT
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git6.log
x_refsource_CONFIRM
oval:org.mitre.oval:def:9874
vdb-entry
signature
x_refsource_OVAL
SUSE-SA:2010:001
vendor-advisory
x_refsource_SUSE
http://bugzilla.kernel.org/show_bug.cgi?id=14287
x_refsource_CONFIRM
37658
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2010:005
vendor-advisory
x_refsource_SUSE
MDVSA-2011:029
vendor-advisory
x_refsource_MANDRIVA
38017
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now