CVE-2011-2928

Priority
Low
Description
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel
before 3.1-rc3 does not validate the length attribute of long symlinks,
which allows local users to cause a denial of service (incorrect pointer
dereference and OOPS) by accessing a long symlink on a malformed Be
filesystem.
Ubuntu-Description
Time Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
References
Bugs
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc3)
Patches:
Upstream:http://git.kernel.org/linus/338d0f0a6fbc82407864606f5b64b75aeb3c70f2
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
More Information

Updated: 2017-08-11 23:48:10 UTC (commit 13081)