Описание
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-4131
- https://github.com/torvalds/linux/commit/bf118a342f10dafe44b14451a1392c3254629a1f
- https://bugzilla.redhat.com/show_bug.cgi?id=747106
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bf118a342f10dafe44b14451a1392c3254629a1f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bf118a342f10dafe44b14451a1392c3254629a1f
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081280.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
- http://rhn.redhat.com/errata/RHSA-2012-0862.html
- http://rhn.redhat.com/errata/RHSA-2012-1541.html
- http://secunia.com/advisories/48898
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2
- http://www.openwall.com/lists/oss-security/2011/11/12/1
EPSS
CVE ID
Связанные уязвимости
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
The NFSv4 implementation in the Linux kernel before 3.2.2 does not pro ...
ELSA-2012-0862: Oracle Linux 6 kernel security, bug fix and enhancement update (MODERATE)
EPSS