Bug#303500: CAN-2005-0400: EXT2 File System Information Leak Vulnerability

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#303500: CAN-2005-0400: EXT2 File System Information Leak Vulnerability
From: "Geoff Crompton" <geoffc@strategicdata.com.au>
Date: Thu, 07 Apr 2005 12:59:54 +1000
Message-id: <[🔎] 20050407025954.B5BFFC000D48@sd01.mel.strategicdata.com.au>
Reply-to: "Geoff Crompton" <geoffc@strategicdata.com.au>, 303500@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: normal

Information leak in ext2 code. Quoting from USN-103-1:
>Mathieu Lafon discovered an information leak in the ext2 file system
>driver. When a new directory was created, the ext2 block written to
>disk was not initialized, so that previous memory contents (which
>could contain sensitive data like passwords) became visible on the raw
>device. This is particularly important if the target device is
>removable and thus can be read by users other than root. 

The patch 2.6.11.6 that deals with this is:
--- a/fs/ext2/dir.c 2005-03-25 19:28:57 -08:00
+++ b/fs/ext2/dir.c 2005-03-25 19:28:57 -08:00
@@ -592,6 +592,7 @@
		goto fail;
	}
	kaddr = kmap_atomic(page, KM_USER0);
+	memset(kaddr, 0, chunk_size);
	de = (struct ext2_dir_entry_2 *)kaddr;
	de->name_len = 1;
	de->rec_len = cpu_to_le16(EXT2_DIR_REC_LEN(1));

Reply to:

Prev by Date: Re: non-free firmware in kernel modules, aggregation and unclear copyright notice.
Next by Date: Bug#303498: CAN-2005-0749: Elf Binary Loading Local DoS
Previous by thread: Bug#303491: MACE not detected by kernel/initrd
Next by thread: Bug#303498: CAN-2005-0749: Elf Binary Loading Local DoS
Index(es):
- Date
- Thread