Freely subscribe to our NEWSLETTER

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

A local attacker, who is allowed to mount an HFS filesystem, can
generate an overflow, in order to create a denial of service or to
execute privileged code.

– Severity: 2/4
– Creation date: 21/11/2011

IMPACTED PRODUCTS

– Linux kernel

DESCRIPTION OF THE VULNERABILITY

The Linux kernel support HFS (Hierarchical File System)
filesystems, which are mainly used on Mac OS.

The hfs_mac2asc() function of the fs/hfs/trans.c file converts Mac
filenames to ASCII. However, if the filename length is greater
than HFS_MAX_NAMELEN (31 characters), a buffer overflow occurs.

A local attacker, who is allowed to mount an HFS filesystem, can
therefore generate an overflow, in order to create a denial of
service or to execute privileged code.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Linux-kernel-buffer-overflow-via-hfs-mac2asc-11169