CWE-369

REDHAT-BUG-809687: Divide by Zero

First published: Wed Apr 04 2012

Commit 503358ae01b70ce6909d19dd01287093f6b6271c ("ext4: avoid divide by zero when trying to mount a corrupted file system") fixes CVE-2009-4307 (https://access.redhat.com/security/cve/CVE-2009-4307) by performing a sanity check on s_log_groups_per_flex, since it can be set to a bogus value by an attacker.

More info from Wang Xi:

The first commit (503358ae) fixes the division by zero. The fix is not perfect because:

1) Theoretically, a standard-conforming C compiler could generate code that is still vulnerable to division by zero, but I was not aware of any compilers doing that.

2) Logically, we should have groups_per_flex = 2^s_log_groups_per_flex, and the fix doesn't really ensure that. This is obviously not good, but not sure how bad the consequence would be.

Introduced by: http://git.kernel.org/linus/503358ae01b70ce6909d19dd01287093f6b6271c

Upstream commit: http://git.kernel.org/linus/d50f2ab6f050311dbf7b8f5501b25f0bf64a439b
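The two points in the note above, as an added example (this is not the kernel's code and not the patch itself): the untrusted exponent is range-checked before the shift, so the divisor is exactly 2^s_log_groups_per_flex and can never be zero. The function names, the 8-bit input type and the 1..31 bounds are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Illustrative bounds (assumption): the exponent must keep 1 << exp inside
 * a 32-bit unsigned value and give at least 2 groups per flex group. */
#define LOG_GROUPS_MIN 1u
#define LOG_GROUPS_MAX 31u

/* Validate the untrusted on-disk exponent BEFORE shifting.
 * Returns 0 and stores 2^log_groups in *out, or -1 for a bogus value.
 * Testing the shifted result instead is unreliable: shifting by the type
 * width or more is undefined behaviour in C, so the result need not be 0
 * and a compiler may assume the out-of-range case never happens. */
static int groups_per_flex_checked(uint8_t log_groups, uint32_t *out)
{
    if (log_groups < LOG_GROUPS_MIN || log_groups > LOG_GROUPS_MAX)
        return -1;
    *out = (uint32_t)1 << log_groups;   /* defined: 1 <= shift <= 31 */
    return 0;
}

/* Hypothetical consumer: number of flex groups, rounded up.
 * Returns 0 when the exponent is rejected, so the division below is only
 * ever reached with a validated, non-zero power of two. */
static uint32_t flex_group_count(uint32_t total_groups, uint8_t log_groups)
{
    uint32_t per_flex;

    if (groups_per_flex_checked(log_groups, &per_flex) != 0)
        return 0;
    /* 64-bit sum so the round-up cannot wrap around */
    return (uint32_t)(((uint64_t)total_groups + per_flex - 1) / per_flex);
}

int main(void)
{
    /* Constructed sample exponents, including out-of-range ones. */
    const uint8_t samples[] = { 0, 1, 4, 31, 32, 255 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("log=%u -> flex groups for 1000 groups: %u\n",
               (unsigned)samples[i],
               (unsigned)flex_group_count(1000, samples[i]));
    return 0;
}
```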

Affected Software | Affected Version | How to fix
Red Hat Linux kernel | <=5.x |


Frequently Asked Questions

  • What is the severity of REDHAT-BUG-809687?

    The severity of REDHAT-BUG-809687 is classified as high due to the potential for a system crash when attempting to mount a corrupted file system.

  • How do I fix REDHAT-BUG-809687?

    To fix REDHAT-BUG-809687, update the Red Hat kernel to version 5.x or later that includes the patch for CVE-2009-4307.

  • What systems are affected by REDHAT-BUG-809687?

    The systems affected by REDHAT-BUG-809687 include any Red Hat Linux kernels up to and including version 5.x.

  • What does the patch for REDHAT-BUG-809687 address?

    The patch for REDHAT-BUG-809687 addresses a divide by zero error that occurs when mounting corrupted Ext4 file systems.

  • What is CVE-2009-4307 in relation to REDHAT-BUG-809687?

    CVE-2009-4307 is a vulnerability that REDHAT-BUG-809687 specifically fixes by adding a sanity check to prevent crashes when mounting corrupted file systems.
