The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | 2.6.26.5 (including) | 2.6.26.5 (including) |
| MRG for RHEL-5 | RedHat | kernel-rt-0:2.6.24.7-93.el5rt | * |
| Red Hat Enterprise Linux 4 | RedHat | kernel-0:2.6.9-78.0.8.EL | * |
| Red Hat Enterprise Linux 5 | RedHat | kernel-0:2.6.18-128.1.6.el5 | * |
| Linux | Ubuntu | hardy | * |
| Linux | Ubuntu | upstream | * |
| Linux-source-2.6.15 | Ubuntu | dapper | * |
| Linux-source-2.6.15 | Ubuntu | upstream | * |
| Linux-source-2.6.20 | Ubuntu | feisty | * |
| Linux-source-2.6.20 | Ubuntu | upstream | * |
| Linux-source-2.6.22 | Ubuntu | gutsy | * |
| Linux-source-2.6.22 | Ubuntu | upstream | * |