CVE-2008-4933
5.3 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
64.4%
Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.
References
git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=efc7ffcb4237f8cb9938909041c4ed38f6e1bf40
kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc1
lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html
lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html
rhn.redhat.com/errata/RHSA-2009-0264.html
secunia.com/advisories/32510
secunia.com/advisories/32918
secunia.com/advisories/32998
secunia.com/advisories/33180
secunia.com/advisories/33556
secunia.com/advisories/33641
secunia.com/advisories/33704
secunia.com/advisories/33858
www.debian.org/security/2008/dsa-1681
www.debian.org/security/2008/dsa-1687
www.mandriva.com/security/advisories?name=MDVSA-2008:234
www.openwall.com/lists/oss-security/2008/11/03/2
www.redhat.com/support/errata/RHSA-2009-0014.html
www.securityfocus.com/bid/32093
www.ubuntu.com/usn/usn-679-1
exchange.xforce.ibmcloud.com/vulnerabilities/46405
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11061
Social References
More
Related
5.3 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
64.4%