CVE-2008-3275
First published: Tue Aug 05 2008(Updated: )
Description of problem: Zoltan Sogor noticed this VFS behaviour while testing UBIFS. Lookup can install a child dentry for a deleted directory. This keeps the directory dentry alive, and the inode pinned in the cache and on disk, even after all external references have gone away. This isn't a big problem normally, since memory pressure or umount will clear out the directory dentry and its children, releasing the inode. But for UBIFS this causes problems because its orphan area can overflow. <a href="http://lkml.org/lkml/2008/7/2/83">http://lkml.org/lkml/2008/7/2/83</a> <a href="http://www.linux-mtd.infradead.org/doc/ubifs.html">http://www.linux-mtd.infradead.org/doc/ubifs.html</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | <2.6.25.15 | |
| Debian Debian Linux | =4.0 | |
| Canonical Ubuntu Linux | =6.06 | |
| Canonical Ubuntu Linux | =7.04 | |
| Canonical Ubuntu Linux | =7.10 | |
| Canonical Ubuntu Linux | =8.04 | |
| SUSE SUSE Linux Enterprise Desktop | =10-sp1 | |
| SUSE SUSE Linux Enterprise Server | =10-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lkml.org/lkml/2008/7/2/83
- http://www.linux-mtd.infradead.org/doc/ubifs.html
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=d70b67c8bc72ee23b55381bd6a884f4796692f77
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313417&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313417&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313514&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313514&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313515&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=313515&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=457812
- https://bugzilla.redhat.com/show_bug.cgi?id=457858
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.15
- http://www.securityfocus.com/bid/30647
- http://secunia.com/advisories/31614
- http://www.securitytracker.com/id?1020739
- http://secunia.com/advisories/31881
- http://www.debian.org/security/2008/dsa-1636
- http://secunia.com/advisories/32023
- http://www.redhat.com/support/errata/RHSA-2008-0885.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html
- http://secunia.com/advisories/32190
- http://www.redhat.com/support/errata/RHSA-2008-0857.html
- http://secunia.com/advisories/31836
- http://www.debian.org/security/2008/dsa-1630
- http://secunia.com/advisories/31551
- http://www.redhat.com/support/errata/RHSA-2008-0973.html
- http://secunia.com/advisories/33201
- http://secunia.com/advisories/33556
- http://www.redhat.com/support/errata/RHSA-2009-0014.html
- http://secunia.com/advisories/32104
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
- http://secunia.com/advisories/33280
- http://www.redhat.com/support/errata/RHSA-2008-0787.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:220
- http://www.vupen.com/english/advisories/2008/2430
- http://secunia.com/advisories/32344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44410
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6551
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10744
- https://usn.ubuntu.com/637-1/
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d70b67c8bc72ee23b55381bd6a884f4796692f77
- agent/type
- agent/first-publish-date
- agent/remedy
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-3275
- vendor/linux
- canonical/linux linux kernel
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/4.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/6.06
- version/canonical ubuntu linux/7.04
- version/canonical ubuntu linux/7.10
- version/canonical ubuntu linux/8.04
- vendor/suse
- canonical/suse suse linux enterprise desktop
- version/suse suse linux enterprise desktop/10-sp1
- canonical/suse suse linux enterprise server
- version/suse suse linux enterprise server/10-sp1