CVE-2010-2798
The MITRE CVE dictionary describes this issue as:
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
Find out more about CVE-2010-2798 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue did not affect the version of Linux kernel as shipped with Red Hat
Enterprise Linux 3, 4 and Red Hat Enterprise MRG as they did not include
support for the GFS2 file system.
A future kernel update in Red Hat Enterprise Linux 5 will address this issue.
CVSS v2 metrics
| Base Score | 7.2 |
|---|---|
| Base Metrics | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux EUS (v. 5.4 server) (kernel) | RHSA-2010:0670 | 2010-09-02 |
| Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel) | RHSA-2010:0660 | 2010-08-30 |
| Red Hat Enterprise Linux 5 (kernel) | RHSA-2010:0723 | 2010-09-29 |
Acknowledgements
Red Hat would like to thank Grant Diffey of CenITex for reporting this issue.CVE description copyright © 2017, The MITRE Corporation