[CVE-2008-1375] Race condition in dnotify.c leads to local DoS and possible privelege escalation

Bug #225948 reported by Till Ulen
260
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Description from the National Vulnerability Database:

"Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possible gain privileges via unspecified vectors."

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1375

CVE References

Revision history for this message
Leann Ogasawara (leannogasawara) wrote :

Thanks Alexander. The security team is currently merging fixes and this is already on their to do list. Just wanted to let you know. Thanks.

Revision history for this message
Leann Ogasawara (leannogasawara) wrote :

Just marking this bug as "Fix Released" as it looks like the security team has provided a security update for this:

http://www.ubuntu.com/usn/usn-614-1

Thanks.

Changed in linux:
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.