CVE-2009-2908

Priority
Medium
Description
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux
kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS)
and possibly execute arbitrary code via unspecified vectors that cause a
"negative dentry" and trigger a NULL pointer dereference, as demonstrated
via a Mutt temporary directory in an eCryptfs mount.
References
Bugs
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 9c2d2056647790c5034d722bd24e9d913ebca73c
More Information

Updated: 2016-09-21 16:14:46 UTC (commit 11514)