New Search

VMware kernel fs/ext2/dir.c fs/ext3/dir.c and possibly fs/ext4/dir.c vulnerability

oval:org.mitre.oval:def:8642

The error-reporting functionality in (1) fs/ext2/dir.c (2) fs/ext3/dir.c and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2008-3528
Product(s):