CVE-2008-4934

Publication date 5 November 2008

Last updated 24 July 2024

The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	8.10 intrepid	Fixed 2.6.27-9.19
	8.04 LTS hardy	Fixed 2.6.24-22.45
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not in release
linux-source-2.6.15	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-53.74
linux-source-2.6.22	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Fixed 2.6.22-16.60
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-679-1
Linux kernel vulnerabilities
27 November 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-4934