CVE-2011-4131

Опубликовано: 05 нояб. 2011

Источник: redhat

CVSS2: 4.6

EPSS Низкий

Описание

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

Отчет

This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it does not provide support for NFS ACLs. This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html. Future kernel updates in Red Hat Enterprise Linux 6 may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 4	kernel	Not affected
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2012:0862	19.06.2012
Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only	kernel	Fixed	RHSA-2012:1541	04.12.2012
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2012:0333	23.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=747106kernel: nfs4_getfacl decoding kernel oops

EPSS

Процентиль: 57%

0.00355

Низкий

4.6 Medium

CVSS2

Связанные уязвимости

CVE-2011-4131

ubuntu

больше 13 лет назад

CVE-2011-4131

nvd

больше 13 лет назад

CVE-2011-4131

debian

больше 13 лет назад

The NFSv4 implementation in the Linux kernel before 3.2.2 does not pro ...

GHSA-497c-8qgw-xqvj

github

больше 3 лет назад

ELSA-2012-0862

oracle-oval

около 13 лет назад

ELSA-2012-0862: Oracle Linux 6 kernel security, bug fix and enhancement update (MODERATE)

EPSS

Процентиль: 57%

0.00355

Низкий

4.6 Medium

CVSS2