Bug 132725 (CVE-2005-3109)

Summary: VUL-0: CVE-2005-3109: kernel: dos in hfs / hfsplus file system
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Chris L Mason <mason>
Status: RESOLVED WONTFIX QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVE-2005-3109: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2005-11-08 15:45:20 UTC 
CVE-2005-3109

The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.

CONFIRM:http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f
Comment 1 Marcus Meissner 2005-11-08 15:46:25 UTC 
since this a local dos, and in a rarely used filesystem,
i am near to considering this a non issue for SLES 9.

except some Olaf or Chris disagrees... :)
Comment 2 Olaf Hering 2005-11-09 22:18:39 UTC 
I can not reproduce it.
Comment 3 Marcus Meissner 2005-11-15 10:33:31 UTC 
then lets close it.
Comment 4 Thomas Biege 2009-10-13 21:47:57 UTC 
CVE-2005-3109: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)