I found a bug in VFAT filesystem. After posting a message to bugtraq, I
was told to send it here, too.
>You should send this to the linux kernel list, they'll propably fix it in
>an upcoming release. Perhaps if 2.2 ever comes out? ;)
>
>The address is linux-kernel@vger.rutgers.edu
My original message:
> Hi!
> While playing with file allocation tables, I noticed that if a FAT volume
> (eg. a floppy) with looped allocation chain is being read under Linux, the
> system stops responding and cannot be recovered to a working state without
> a hardware rebooting.
> This bug is not-so-useful for performing Denial-Of-Service attacks (if an
> evildoer managed to put a floppy into your computer, why won't he just
> press the power switch?), although he can leave a modified floppy on your
> desk. It is sufficient to just ls that floppy.
>
> Sample exploit is at http://rainbow.mimuw.edu.pl/~ab171958/FAT.html#Linux
>
> I tested this exploit on kernel versions 2.0.30, 2.0.31 and 2.0.32, it
> always works.
Someone else mentioned that this bug can be dangerous if a computer
running Linux has also a FAT partition.
/-----------------------\ Hiroshima'45
| kilobyte@mimuw.edu.pl | Chernobyl'86
\-----------------------/ Windows'95
http://rainbow.mimuw.edu.pl/~ab171958/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu