CVE 2009-2908
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
Related bugs and status
CVE-2009-2908 (Candidate) is related to these bugs:
Bug #387073: BUG: unable to handle kernel NULL pointer dereference at 0000000000000228
Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
395973 | Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities | The Dell Mini Project | Undecided | Confirmed |
See the
CVE page on Mitre.org
for more details.