1. 14 Apr, 2004 1 commit
    • Dave Jones's avatar
      [PATCH] isofs buffer overflow fix · 6b4e4b90
      Dave Jones authored
      Merged in 2.4, and various vendor kernels..
      
        iDefense reported a buffer overflow flaw in the ISO9660 filesystem code.
        An attacker could create a malicious filesystem in such a way that they
        could gain root privileges if that filesystem is mounted. The Common
        Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
        CAN-2004-0109 to this issue.
      
      Ernie Petrides came up with the following patch which I fixed up a slight
      reject in to apply to 2.6. Otherwise, unchanged from the 2.4 patch.
      6b4e4b90
  2. 13 Apr, 2004 39 commits