Linux eCryptfs buffer overflow
Published:		29.07.2009
Source:		BUGTRAQ
SecurityVulns ID:		10108
Type:		local
Level:		6/10
Description:		Buffer overflows on parse_tag_11_packet and parse_tag_3_packet functions.

Affected:		LINUX : kernel 2.6
CVE:		CVE-2009-2407 (Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet.)
		CVE-2009-2406 (Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.)

Original document		RISE Security, [RISE-2009003] Linux eCryptfs parse_tag_3_packet Encrypted Key Buffer Overflow Vulnerability (29.07.2009)
		RISE Security, [RISE-2009002] Linux eCryptfs parse_tag_11_packet Literal Data Buffer Overflow Vulnerability (29.07.2009)

Discuss:

Read or add your comments to this news (0 comments)