QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2695

Published: Jul 28, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20110715 Re: CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=722557

x_refsource_CONFIRM

[linux-ext4] 20110603 [PATCH 1/2] ext4: Fix max file size and logical block counting of extent format file

mailing-list

x_refsource_MLIST

[oss-security] 20110715 CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file

mailing-list

x_refsource_MLIST

http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.