CVE-2006-3123

Name of the Vulnerable Software and Affected Versions: Matt Blaze Cryptographic File System (CFS) version 1.4.1

Description: The issue is related to multiple integer overflows in the dodecrypt and doencrypt functions in cfs fh.c in cfsd. This can cause a denial of service, specifically a daemon crash, when a local user appends data to a file that is larger than 2 Gb.

Recommendations: For Matt Blaze Cryptographic File System (CFS) version 1.4.1, update to Debian GNU/Linux package 1.4.1-17 or later to resolve the issue. As a temporary workaround, consider restricting file sizes to prevent crashes until the update is applied.