Date: Fri, 11 Nov 2011 21:36:20 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE Request -- kernel: nfs4_getfacl decoding kernel oops On 11/11/2011 09:48 AM, Petr Matousek wrote: > "nfs4_getfacl decoding causes a kernel Oops when a server returns more > than 2 GETATTR bitmap words in response to the FATTR4_ACL attribute > request. > > While the NFS client only asks for one attribute (FATTR4_ACL) in the > first bitmap word, the NFSv4 protocol allows for the server to return > unbounded bitmaps (more than two)." > > Upstream commit: > e5012d1f3861d18c7f3814e757c1c3ab3741dbcd - incomplete, handles only the > case when 2 words are expected and 3 are returned > > Proposed complete upstream patch: > http://www.spinics.net/lists/linux-nfs/msg25288.html > > Reference: > https://bugzilla.redhat.com/show_bug.cgi?id=747106 > > Credit: Andy Adamson > > Thanks, Please use CVE-2011-4131 for this issue -- -Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ