[Linux-cluster] gfs2 security issue
yvette hirth
yvette at dbtgroup.com
Fri Apr 30 15:59:30 UTC 2010
i just saw this on a SANS security vulnerability alert. is everyone
aware of this?
10.18.18 CVE: Not Available
Platform: Linux
Title: Linux Kernel "gfs2_quota" Structure Write Local Privilege
Escalation
Description: The Linux kernel is exposed to a local
privilege escalation issue affecting the "gfs2" file system.
Specifically, when a "gfs2_quota" structure straddles a page boundary,
updates to the structure are not correctly written to disk. This can
result in a buffer overflow condition which may lead to memory
corruption.
Ref: http://www.securityfocus.com/bid/39715
fyi
yvette hirth
More information about the Linux-cluster
mailing list