CVE-2009-0746

Publication date 27 February 2009

Last updated 24 July 2024

The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.

From the Ubuntu Security Team

The ext4 filesystem did not correctly validate certain length fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-751-1
Linux kernel vulnerabilities
6 April 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-0746