Launchpad.net

CVE 2009-2908

The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.

Related bugs and status

CVE-2009-2908 (Candidate) is related to these bugs:

Bug #387073: BUG: unable to handle kernel NULL pointer dereference at 0000000000000228

		In	Importance	Status
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	linux (Ubuntu)	High	Fix Released
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	ecryptfs-utils (Ubuntu)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	eCryptfs	High	Fix Released
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	mutt (Ubuntu)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	mutt (Ubuntu Hardy)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	ecryptfs-utils (Ubuntu Hardy)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	linux (Ubuntu Hardy)	High	Fix Released
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	mutt (Ubuntu Intrepid)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	ecryptfs-utils (Ubuntu Intrepid)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	linux (Ubuntu Intrepid)	High	Fix Released
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	mutt (Ubuntu Jaunty)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	ecryptfs-utils (Ubuntu Jaunty)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	linux (Ubuntu Jaunty)	High	Fix Released
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	mutt (Ubuntu Karmic)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	ecryptfs-utils (Ubuntu Karmic)	Undecided	Invalid
387073	BUG: unable to handle kernel NULL pointer dereference at 0000000000000228	linux (Ubuntu Karmic)	High	Fix Released

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-2908

Related bugs and status

Related bugs

References