CVE-2011-2928

Priority
Description
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel
before 3.1-rc3 does not validate the length attribute of long symlinks,
which allows local users to cause a denial of service (incorrect pointer
dereference and OOPS) by accessing a long symlink on a malformed Be
filesystem.
Ubuntu-Description
Time Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc3)
Patches:
Upstream:http://git.kernel.org/linus/338d0f0a6fbc82407864606f5b64b75aeb3c70f2
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
More Information

Updated: 2018-10-31 21:00:50 UTC (commit cfa7cf69d76449ccff972ac22f40976a08d908c2)