132725 – (CVE-2005-3109) VUL-0: CVE-2005-3109: kernel: dos in hfs / hfsplus file system

Bug 132725 (CVE-2005-3109) - VUL-0: CVE-2005-3109: kernel: dos in hfs / hfsplus file system

Summary: VUL-0: CVE-2005-3109: kernel: dos in hfs / hfsplus file system

Status:	RESOLVED WONTFIX

Alias:	CVE-2005-3109

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assignee:	Chris L Mason
QA Contact:	Security Team bot

URL:
Whiteboard:	CVE-2005-3109: CVSS v2 Base Score: 2....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-11-08 15:45 UTC by Marcus Meissner
Modified:	2021-12-07 16:12 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2005-11-08 15:45:20 UTC

CVE-2005-3109

The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.

CONFIRM:http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=945b092011c6af71a0107be96e119c8c08776f3f

Comment 1 Marcus Meissner 2005-11-08 15:46:25 UTC

since this a local dos, and in a rarely used filesystem,
i am near to considering this a non issue for SLES 9.

except some Olaf or Chris disagrees... :)

Comment 2 Olaf Hering 2005-11-09 22:18:39 UTC

I can not reproduce it.

Comment 3 Marcus Meissner 2005-11-15 10:33:31 UTC

then lets close it.

Comment 4 Thomas Biege 2009-10-13 21:47:57 UTC

CVE-2005-3109: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)