50212 – (CVE-2004-0177) VUL-0: CVE-2004-0177: kernel: ext3 filesystem infoleak

Bug 50212 (CVE-2004-0177) - VUL-0: CVE-2004-0177: kernel: ext3 filesystem infoleak

Summary: VUL-0: CVE-2004-0177: kernel: ext3 filesystem infoleak

Status:	RESOLVED FIXED

Alias:	CVE-2004-0177

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	All Linux

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Thomas Biege
QA Contact:	Security Team bot

URL:
Whiteboard:	CVE-2004-0177: CVSS v2 Base Score: 5....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2004-03-01 23:11 UTC by Thomas Biege
Modified:	2021-09-30 15:19 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
vendor-sec discussion (16.77 KB, text/plain) 2004-03-01 23:13 UTC, Thomas Biege	Details
infoleak-patch-2.4 (368 bytes, patch) 2004-03-01 23:13 UTC, Thomas Biege	Details \| Diff
infoleak-patch-2.6 (412 bytes, patch) 2004-03-01 23:14 UTC, Thomas Biege	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Biege 2004-03-01 23:11:31 UTC

Hi Hubert, 
just a minor one that we should fix together with #34841 .

Comment 1 Thomas Biege 2004-03-01 23:11:31 UTC

<!-- SBZ_reproduce  -->
See attachements.

Comment 2 Thomas Biege 2004-03-01 23:13:00 UTC

Created attachment 16285 [details]
vendor-sec discussion

Comment 3 Thomas Biege 2004-03-01 23:13:43 UTC

Created attachment 16286 [details]
infoleak-patch-2.4

Comment 4 Thomas Biege 2004-03-01 23:14:18 UTC

Created attachment 16287 [details]
infoleak-patch-2.6

Comment 5 Hubert Mantel 2004-03-04 00:49:14 UTC

Fixes are in, kernels are waiting for checkin. NOTE: I did not yet check 2.6,
but assume it will be fixed there upstream anyway. So please re-assign to me
after 2.4 kernels are released or check if the latest 2.6 kernel is indeed fixed.

Comment 6 Thomas Biege 2004-03-09 20:32:11 UTC

CAN-2004-0177

Comment 7 Thomas Biege 2004-03-09 20:36:01 UTC

CAN-2004-0133 should be used instead...

Comment 8 Thomas Biege 2004-03-24 00:56:08 UTC

packages released.

Comment 9 Marcus Meissner 2005-04-25 15:46:42 UTC

redhat used CAN-2004-0177

Comment 10 Thomas Biege 2009-10-13 20:16:21 UTC

CVE-2004-0177: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)