Kernel Fun: MOKB-25-11-2006: Linux 2.6.x ReiserFS Sync Memory Corruption

Saturday, November 25, 2006

MOKB-25-11-2006: Linux 2.6.x ReiserFS Sync Memory Corruption

The ReiserFS support code of Linux 2.6.x fails to properly handle crafted data structures, leading to an exploitable memory corruption condition when a sync is being done in a corrupted ReiserFS filesystem.

More details
Proof of concept: MOKB-25-11-2006.img.bz2