Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 11 Nov 2011 17:48:24 +0100
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request -- kernel: nfs4_getfacl decoding kernel oops

"nfs4_getfacl decoding causes a kernel Oops when a server returns more
than 2 GETATTR bitmap words in response to the FATTR4_ACL attribute
request.

While the NFS client only asks for one attribute (FATTR4_ACL) in the
first bitmap word, the NFSv4 protocol allows for the server to return
unbounded bitmaps (more than two)."

Upstream commit:
e5012d1f3861d18c7f3814e757c1c3ab3741dbcd - incomplete, handles only the
case when 2 words are expected and 3 are returned

Proposed complete upstream patch:
http://www.spinics.net/lists/linux-nfs/msg25288.html

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=747106

Credit: Andy Adamson

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.