Launchpad CVE tracker

CVE 2009-0787

The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.

Related bugs and status

CVE-2009-0787 (Candidate) is related to these bugs:

Bug #345544: ecryptfs stores ram contents in plaintext in the container as padding

		In	Importance	Status
345544	ecryptfs stores ram contents in plaintext in the container as padding	eCryptfs	Critical	Fix Released
345544	ecryptfs stores ram contents in plaintext in the container as padding	ecryptfs-utils (Ubuntu)	Critical	Fix Released
345544	ecryptfs stores ram contents in plaintext in the container as padding	linux (Ubuntu)	Critical	Fix Released
345544	ecryptfs stores ram contents in plaintext in the container as padding	ecryptfs-utils (Ubuntu Jaunty)	Critical	Fix Released
345544	ecryptfs stores ram contents in plaintext in the container as padding	linux (Ubuntu Jaunty)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-0787

References