DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2007-0262

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2007-0262-1

Published: 2007-12-11

Products

rPath Linux 1
rPath Appliance Platform Linux Service 1

Rating

Severe

Exposure Level Classification

Indirect Root Unauthorized Access

Updated Versions

e2fsprogs=conary.rpath.com@rpl:1/1.37-3.3-1

rPath Issue Tracking System

RPL-2011

References

CVE-2007-5497

Description

Previous versions of the e2fsprogs package are vulnerable to multiple

integer overflows that may be exploited by crafted filesystem images.

In particular, this may allow a user with elevated privileges in a

Xen guest domain to execute arbitrary code as root in domain 0 via

a maliciously crafted filesystem image if e2fsck is run in domain 0

on the guest-domain filesystem.

Copyright 2007 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0262"

Categories: Support Issue | Advisories