LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2009-4307
Created:January 7, 2010 Updated:December 19, 2012
Description: From the SuSE alert:

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).

Alerts:
Mandriva MDVSA-2011:029 2011-02-17
Red Hat RHSA-2010:0380-01 2010-04-27
Red Hat RHSA-2010:0178-02 2010-03-30
SuSE SUSE-SA:2010:005 2010-01-15
SuSE SUSE-SA:2010:001 2010-01-07
Debian DSA-2443-1 2012-03-26
CentOS CESA-2012:1445 2012-11-13
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds