Linux Kernel EXT3文件系统信息泄露漏洞

1780

漏洞信息详情

Linux Kernel EXT3文件系统信息泄露漏洞

漏洞简介

Linux 2.4.26之前的2.4.x版本的ext3代码不正确初始化日报描述符块,导致写到ext3文件系统设备内存数据信息泄露。拥有特权的用户通过读取原生装置得到部分核心内存信息

漏洞公告

The Fedora Legacy project has released advisory FLSA:2336 to address this issue for Red Hat Fedora Core 1, Red Hat Linux 7.3 and 9. Please see the referenced advisory for further information.
Red Hat has released advisory RHSA-2004:505-14 and fixes to address this issue and other issues on Red Hat Linux Enterprise platforms. Customers that are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
Conectiva has released advisory CLA-2004:846 to provide Kernel updates to address this and other issues for Conectiva 8 and 9. Please see the referenced advisory for further details regarding obtaining and applying appropriate updates.
Conectiva has released advisory CLSA-2004:829 to provide Kernel updates for CLEE 1.0. Please see the attached advisory for details on how to apply updates.
Mandrake has released advisory MDKSA-2004:029 to address this and other kernel vulnerabilities. Please see the attached advisory for details on obtaining and applying fixes.
This issue has been addressed in versions 2.4.26 and 2.6.5 of the Linux Kernel.
Trustix has released an advisory TSLSA-2004-0020 with fixes to address this and other issues. Please see the referenced advisory for more information.
Debian has released advisory DSA 489-1 to provide updates for Linux 2.4.17 for the PowerPC/apus and S/390 architectures. Please see the attached advisory for details on applying and obtaining fixes.
Debian has released advisory DSA 491-1 to provide updates for Linux 2.4.19 on the MIPS architecture. Please see the attached advisory for details on applying and obtaining fixes.
Rad Hat has released advisory RHSA-2004:166-08 and fixes for Red Hat Linux version 9. Please see the referenced advisory for more information.
Debian has released an advisory (DSA 495-1) to address various issues in the Linux kernel. This advisory contains fixes for the ARM architecture. Please see the referenced advisory for more information.
EnGarde Secure Linux has released an advisory (ESA-20040428-004) to address various issues in the Linux kernel. Please see the referenced advisory for more information.
Gentoo Linux has released advisory GLSA 200407-02 addressing this and other issues. Please see the referenced advisory for further information about this issue and information on upgrading packages using emerge.
RedHat Linux has released advisory RHSA-2004:504-13 to address this, and other issues in RedHat Enterprise Linux operating systems with Itanium processors. Please see the referenced advisory for further information.
Avaya has released an advisory regarding this issue. They report that fixes will be released in the future. Please see the referenced Web advisory for more information.
Red Hat released advisory RHSA-2005:293-16 as well as fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisories for additional information.
Linux kernel 2.4 .0-test3

Linux kernel 2.4 .0-test6

Linux kernel 2.4 .0-test8

Linux kernel 2.4 .0-test7

Linux kernel 2.4

Linux kernel 2.4 .0-test2

Linux kernel 2.4 .0-test11

Linux kernel 2.4 .0-test10

Linux kernel 2.4 .0-test4

Linux kernel 2.4 .0-test1

Linux kernel 2.4 .0-test5

Linux kernel 2.4 .0-test12

Linux kernel 2.4.1

Linux kernel 2.4.11

Linux kernel 2.4.12

Linux kernel 2.4.13

Linux kernel 2.4.14

Linux kernel 2.4.15

Linux kernel 2.4.16

  • Debian kernel-doc-2.4.16_2.4.16-1woody2_all.debDebian GNU/Linux 3.0 alias woody

    http://security

参考网址

来源: ENGARDE
名称: ESA-20040428-004
链接:http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html

来源: DEBIAN
名称: DSA-495
链接:http://www.debian.org/security/2004/dsa-495

来源: REDHAT
名称: RHSA-2004:166
链接:http://rhn.redhat.com/errata/RHSA-2004-166.html

来源: TRUSTIX
名称: 2004-0020
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108213675028441&w=2

来源: FEDORA
名称: FLSA:2336
链接:https://bugzilla.fedora.us/show_bug.cgi?id=2336

来源: DEBIAN
名称: DSA-491
链接:http://www.debian.org/security/2004/dsa-491

来源: DEBIAN
名称: DSA-489
链接:http://www.debian.org/security/2004/dsa-489

来源: DEBIAN
名称: DSA-482
链接:http://www.debian.org/security/2004/dsa-482

来源: DEBIAN
名称: DSA-481
链接:http://www.debian.org/security/2004/dsa-481

来源: DEBIAN
名称: DSA-480
链接:http://www.debian.org/security/2004/dsa-480

来源: DEBIAN
名称: DSA-479
链接:http://www.debian.org/security/2004/dsa-479

来源: GENTOO
名称: GLSA-200407-02
链接:http://security.gentoo.org/glsa/glsa-200407-02.xml

来源: OVAL
名称: oval:org.mitre.oval:def:10556
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10556

来源: linux.bkbits.net:8080
链接:http://linux.bkbits.net:8080/linux-2.4/cset@4056b368s6vpJbGWxDD_LhQNYQrdzQ

来源: XF
名称: linux-ext3-info-disclosure(15867)
链接:http://xforce.iss.net/xforce/xfdb/15867

来源: BID
名称: 10152
链接:http://www.securityfocus.com/bid/10152

来源: REDHAT
名称: RHSA-2005:293
链接:http://www.redhat.com/support/errata/RHSA-2005-293.html

来源: REDHAT
名称: RHSA-2004:505
链接:http://www.redhat.com/support/errata/RHSA-2004-505.html

来源: REDHAT
名称: RHSA-2004:504
链接:http://www.redhat.com/support/errata/RHSA-2004-504.html

来源: MANDRAKE
名称: MDKSA-2004:029
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2004:029

来源: CIAC
名称: O-127
链接:http://www.ciac.org/ciac/bulletins/o-127.shtml

来源: CIAC
名称: O-126
链接:http://www.ciac.org/ciac/bulletins/o-126.shtml

来源: CIAC
名称: O-121
链接:http://www.ciac.org/ciac/bulletins/o-121.shtml

来源: CONECTIVA
名称: CLA-2004:846
链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846

© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
信息安全
喜欢就支持一下吧
点赞0 分享
AI-robot的头像-一一网
asgbookphp ‘index.php’ 跨站脚本攻击漏洞-一一网
asgbookphp ‘index.php’ 跨站脚本攻击漏洞
asgbookphp ‘index.php’ 跨站脚本攻击漏洞
14年前 2.6W+
机器学习之随机森林回归篇(RandomForestRegressor)-一一网
机器学习之随机森林回归篇(RandomForestRegressor)
机器学习之随机森林回归篇(RandomForestRegressor)
4年前 4235
详解数仓中的数据分层:ODS、DWD、DWM、DWS、ADS-一一网
详解数仓中的数据分层:ODS、DWD、DWM、DWS、ADS
详解数仓中的数据分层:ODS、DWD、DWM、DWS、ADS
4年前 3920
DZCP Clanportal 'Index.PHP'任意文件上载漏洞-一一网
DZCP Clanportal 'Index.PHP'任意文件上载漏洞
DZCP Clanportal 'Index.PHP'任意文件上载漏洞
19年前 3843
Wireshark之抓包文件保存-一一网
Wireshark之抓包文件保存
Wireshark之抓包文件保存
4年前 3411
支付宝生活号H5接入支付宝支付流程-一一网
支付宝生活号H5接入支付宝支付流程
支付宝生活号H5接入支付宝支付流程
3年前 3162
相关推荐
asgbookphp ‘index.php’ 跨站脚本攻击漏洞-一一网
asgbookphp ‘index.php’ 跨站脚本攻击漏洞
asgbookphp ‘index.php’ 跨站脚本攻击漏洞
14年前 2.6W+
DZCP Clanportal 'Index.PHP'任意文件上载漏洞-一一网
DZCP Clanportal 'Index.PHP'任意文件上载漏洞
DZCP Clanportal 'Index.PHP'任意文件上载漏洞
19年前 3843
Symantec Critical System Protection 权限许可和访问控制问题漏洞-一一网
Symantec Critical System Protection 权限许可和访问控制问题漏洞
Symantec Critical System Protection 权限许可和访问控制问题漏洞
4年前 1107
deV!Lz Clanportal inc/filebrowser/browser.php 信息泄露漏洞-一一网
deV!Lz Clanportal inc/filebrowser/browser.php 信息泄露漏洞
deV!Lz Clanportal inc/filebrowser/browser.php 信息泄露漏洞
18年前 866
Microsoft ‘api.php’ 跨站脚本攻击漏洞-一一网
Microsoft ‘api.php’ 跨站脚本攻击漏洞
Microsoft ‘api.php’ 跨站脚本攻击漏洞
4年前 799
Vendor LPRM多个本地缓冲区溢出漏洞-一一网
Vendor LPRM多个本地缓冲区溢出漏洞
Vendor LPRM多个本地缓冲区溢出漏洞
20年前 700
搜索
开启精彩搜索
世界,您好!-一一网
3.7W+人已阅读
世界,您好!
TOP1
番茄社区无限观看+付费视频破解教程-一一网
番茄社区无限观看+付费视频破解教程
5年前3.2W+人已阅读
TOP2
香蕉视频v3.8.3_VIP会员破解教程-一一网
香蕉视频v3.8.3_VIP会员破解教程
5年前3.1W+人已阅读
TOP3
[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网
密码保护:[桜井宁宁]COS和泉纱雾超可爱写真福利集
5年前2.8W+人已阅读
TOP4
[桜井宁宁] 爆乳奶牛少女cos写真-一一网
密码保护:[桜井宁宁] 爆乳奶牛少女cos写真
5年前2.8W+人已阅读
TOP5
快猫v1.1.7会员破解版_最新快猫vip破解教程大全-一一网
快猫v1.1.7会员破解版_最新快猫vip破解教程大全
5年前2.8W+人已阅读
TOP6
标签云
默认路由黑裙黑群晖麦克风车机鸿蒙系统鸿蒙系统鸿蒙OS鸿蒙驱动软件驱动题库音频剪辑音乐剪辑面板面具静态雷石集群随机阿里云