Candidate: CVE-2009-2407
PublicDate: 2009-07-31 19:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2407
 https://ubuntu.com/security/notices/USN-807-1
Description:
 Heap-based buffer overflow in the parse_tag_3_packet function in
 fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before
 2.6.30.4 allows local users to cause a denial of service (system crash) or
 possibly gain privileges via vectors involving a crafted eCryptfs file,
 related to a large encrypted key size in a Tag 3 packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: needs-triage
dapper_linux-source-2.6.15: not-affected
hardy_linux-source-2.6.15: DNE
intrepid_linux-source-2.6.15: DNE
jaunty_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux:
upstream_linux: needs-triage
dapper_linux: DNE
hardy_linux: released (2.6.24-24.57)
intrepid_linux: released (2.6.27-14.37)
jaunty_linux: released (2.6.28-14.47)
devel_linux: not-affected (2.6.31.5.16)