CVE-2011-4131 Information

Feb 14, 2021 cve

Description

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

Reference

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bf118a342f10dafe44b14451a1392c3254629a1f http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081280.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://rhn.redhat.com/errata/RHSA-2012-0862.html http://rhn.redhat.com/errata/RHSA-2012-1541.html http://secunia.com/advisories/48898 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 http://www.openwall.com/lists/oss-security/2011/11/12/1 https://bugzilla.redhat.com/show_bug.cgi?id=747106 https://github.com/torvalds/linux/commit/bf118a342f10dafe44b14451a1392c3254629a1f

Share on: