1001 B
1001 B
CVE-2010-2798
Description
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
POC
Reference
- http://www.redhat.com/support/errata/RHSA-2010-0670.html
- http://www.ubuntu.com/usn/USN-1000-1
- http://www.vmware.com/security/advisories/VMSA-2011-0012.html
Github
No PoCs found on GitHub currently.