CVE-2011-2928

Priority
Description
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel
before 3.1-rc3 does not validate the length attribute of long symlinks,
which allows local users to cause a denial of service (incorrect pointer
dereference and OOPS) by accessing a long symlink on a malformed Be
filesystem.
Ubuntu-Description
Time Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc3)
Patches:
Upstream:http://git.kernel.org/linus/338d0f0a6fbc82407864606f5b64b75aeb3c70f2
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
Package
Upstream:released (3.1~rc3)
More Information

Updated: 2019-03-19 11:59:38 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)