Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.
No CVSS v3.1
No CVSS v3.0
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
AV:L/AC:M/Au:N/C:C/I:C/A:C
Vendors | Products |
---|---|
Linux |
|
Configuration 1 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2009-07-31T18:29:00
Updated: 2018-10-10T18:57:01
Reserved: 2009-07-09T00:00:00
Link: CVE-2009-2406
JSON object: View
NVD Information
Status : Modified
Published: 2009-07-31T19:00:01.157
Modified: 2023-02-13T02:20:15.920
Link: CVE-2009-2406
JSON object: View
Redhat Information
No data.
CWE