Linux Kernel 'write _ tag_3_packet () 'Function Local Heap Buffer Overflow Vulnerability
Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.18
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63493
Linux Kernel is the Kernel of the Linux operating system.
The write_tag_3_packet () in Linux kernel 2.6.18 eCryptfs does not check the memory replication length variable. The heap buffer overflow vulnerability exists in implementation. After successful exploitation, the kernel crash and privilege escalation can occur.
<* Source: x90c (http://www.x90c.org)
Link: http://seclists.org/fulldisclosure/2013/Nov/23
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Linux Kernel: click here
Linux Kernel: click here
Recommended reading:
Linux 3.12 code Suicidal Squirrel
How to install Linux 3.11 Kernel on Ubuntu
The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5
Linux Kernel 3.4.62 LTS is now available for download