Candidate: CVE-2008-4933
PublicDate: 2008-11-05 15:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4933
 https://ubuntu.com/security/notices/USN-679-1
Description:
 Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in
 the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of
 service (memory corruption or system crash) via an hfsplus filesystem image
 with an invalid catalog namelength field, related to the
 hfsplus_cat_build_key_uni function.
Ubuntu-Description:
 Eric Sesterhenn discovered multiple flaws in the HFS+ filesystem.  If a
 local user or automated system were tricked into mounting a malicious
 HFS+ filesystem, the system could crash, leading to a denial of service.
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.28~rc1)
dapper_linux-source-2.6.15: released (2.6.15-53.74)
gutsy_linux-source-2.6.15: DNE
hardy_linux-source-2.6.15: DNE
intrepid_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux-source-2.6.22:
upstream_linux-source-2.6.22: released (2.6.28~rc1)
dapper_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: released (2.6.22-16.60)
hardy_linux-source-2.6.22: DNE
intrepid_linux-source-2.6.22: DNE
devel_linux-source-2.6.22: DNE

Patches_linux:
 upstream: efc7ffcb4237f8cb9938909041c4ed38f6e1bf40
upstream_linux: released (2.6.28~rc1)
dapper_linux: DNE
gutsy_linux: DNE
hardy_linux: released (2.6.24-22.45)
intrepid_linux: released (2.6.27-9.19)
devel_linux: not-affected