Public Date:
512885: CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet.

Find out more about CVE-2009-2407 from the MITRE CVE dictionary dictionary and NIST NVD.


The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG did not include support for eCryptfs, and therefore are not affected by this issue.

Red Hat Enterprise Linux 5 was vulnerable to this issue and was addressed via:

CVSS v2 metrics

Base Score 7.2
Base Metrics AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (kernel) RHSA-2009:1193 2009-08-04
Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel) RHSA-2009:1193 2009-08-04


Red Hat would like to thank Ramon de C. Valle for reporting this issue.
Last Modified

CVE description copyright © 2017, The MITRE Corporation