In association with heise online

27 January 2009, 12:43

Linux Kernel - eCryptfs vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Due to a vulnerability in the Linux kernel, an attacker with a local user account, on a system with Linux kernel series 2.6 could crash the system to deny service to legitimate users or possibly obtain root privileges.

Security Lab say the vulnerability is in fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before allows local users to cause a denial of service (fault or memory corruption), and possibly have some other unspecified impact, by making a readlink call that results in an error. The error leads to the call returning a -1 value as an array index. For those who compile their own kernel builds: there is a three line patch. The issue is fixed in the recently released version of the Linux kernel. According to an advisory on Security Focus how an exploit might be developed is apparently still unclear and to-date there are no known exploits.

eCryptfs is now an option for some Linux distributions such as Ubuntu 8.10 "Intrepid Ibex". It adds metadata to a normal file to allow for transparent, portable encryption and decryption of the file.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit