Vigil@nce: Linux Kernel, denial of service via UBIFS
August 2008 by Vigil@nce
SYNTHESIS
A local attacker can cause a denial of service via the UBIFS
"delete_inode()" function.
Gravity: 1/4
Consequences: denial of service of computer
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 22/08/2008
Identifier: VIGILANCE-VUL-8046
IMPACTED PRODUCTS
– Linux kernel [confidential versions]
– Unix - platform
DESCRIPTION
The VFS (Virtual File System) is the top file-system layer. It
presents the underlying file systems to clients in a uniform way.
UBIFS (UBI File System) is a journaled file system for flash
memory systems.
A coding error in the UBIFS environment of VFS allows a local user
to exploit a memory leak.
In some cases the "delete_inode()" function of UBIFS is not
correctly implemented, and thus the function does not delete the
directory entry (dentry).
Therefore an attacker can cause an overflow on this inode.
CHARACTERISTICS
Identifiers: 457858, CVE-2008-3275, DSA 1630-1, VIGILANCE-VUL-8046