[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request - kernel: integer overflow in ext4_ext_get_blocks()
From:       Eugene Teo <eugene () redhat ! com>
Date:       2010-08-17 3:37:20
Message-ID: 4C6A03F0.8020003 () redhat ! com
[Download RAW message or body]

> Use CVE-2010-3015
>
> What does an attacker have to do to exploit this? Mount a crafted file
> system?

To trigger this, the attacker needs to write to the last block of a file 
(of max file size) and sync it.

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
[prev in list] [next in list] [prev in thread] [next in thread]