April 20, 2004

Linux Kernel EXT3 File System Information Leakage Vulnerability

An information leakage vulnerability has been reported to exist in the
Linux kernel when writing to an ext3 file system. This issue is due to
a design error that causes some kernel information to be leaked.
It has been reported that this issue requires that the attacker be
able to read the raw device; an action which is restricted to
privileged users. Due to the nature of the issue, this really only
poses a security risk if the privileged user is not intended to access
this information already.

Link: securityfocus.com


  • Linux
Click Here!