Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4324

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2011-4324
Last Modified 22 Jun 2012 12:00:00
Published 21 Jun 2012 07:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-4324

Summary

The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.28

  • Linux Kernel 2.6.28.1

  • Linux Kernel 2.6.28.10

  • Linux Kernel 2.6.28.2

  • Linux Kernel 2.6.28.3

  • Linux Kernel 2.6.28.4

  • Linux Kernel 2.6.28.5

  • Linux Kernel 2.6.28.6

  • Linux Kernel 2.6.28.7

  • Linux Kernel 2.6.28.8

  • Linux Kernel 2.6.28.9


References

CONFIRM - https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=755440

MLIST - [oss-security] 20120206 Re: CVE-2011-4324 kernel: nfsv4: mknod(2) DoS

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29

Related Patches

Red Hat 2012:0007-01 RHSA Important: kernel security, bug fix, and enhancement update for RHEL 5 x86

Red Hat 2012:0007-01 RHSA Important: kernel security, bug fix, and enhancement update for RHEL 5 x86_64

Novell SUSE 2012:8161 kernel security update for SLE 10 SP4 x86_64

Novell SUSE 2012:8162 kernel security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:56:34