The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux
kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS)
and possibly execute arbitrary code via unspecified vectors that cause a
"negative dentry" and trigger a NULL pointer dereference, as demonstrated
via a Mutt temporary directory in an eCryptfs mount.
Updated: 2016-09-21 16:14:46 UTC (commit 11514)