7758 – minix_bmap denial of service (CVE-2006-6058)

Bug 7758 - minix_bmap denial of service (CVE-2006-6058)

Summary: minix_bmap denial of service (CVE-2006-6058)

Status:	CLOSED PATCH_ALREADY_AVAILABLE

Alias:	None

Product:	File System
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	i386 Linux

Importance:	P2 normal
Assignee:	Eric Sandeen

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-01-01 17:12 UTC by Daniel Drake
Modified:	2008-04-16 05:52 UTC (History)
CC List:	2 users (show)

See Also:
Kernel Version:	2.6.19
Subsystem:
Regression:	---
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Daniel Drake 2007-01-01 17:12:36 UTC

I can't seem to find a patch to fix this security vuln. Apologies if I missed
something. Mailed security@kernel.org about this but didn't get a response. I
guess this filesystem is not exactly heavily used these days...

http://projects.info-pull.com/mokb/MOKB-17-11-2006.html

Linux 2.6.x minix filesystem code fails to properly handle corrupted data
structures, leading to an exploitable denial of service issue when a crafted fs
stream is being mounted. 

See the above URL for a fs image which can be used to reproduce this.

Comment 1 Eric Sandeen 2007-06-07 08:05:03 UTC

I'll see if I can find some time to take a look at this one, so as not to
disappoint all the minixfs users out there :)

Comment 2 Natalie Protasevich 2008-04-16 00:29:37 UTC

Any updates on this bug?
Thanks.

Comment 3 Eric Sandeen 2008-04-16 05:52:16 UTC

Oh, yep - fixed a while ago, sorry:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f44ec6f3f89889a469773b1fd894f8fcc07c29cf

Note You need to log in before you can comment on or make changes to this bug.