oss-sec mailing list archives
Re: CVE Request -- kernel: nfs4_getfacl decoding kernel oops
From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 13 Nov 2011 08:54:15 -0700
On 11/11/2011 09:36 PM, Kurt Seifried wrote:
> On 11/11/2011 09:48 AM, Petr Matousek wrote:
> > "nfs4_getfacl decoding causes a kernel Oops when a server returns more than 2 GETATTR bitmap words in response to the FATTR4_ACL attribute request. While the NFS client only asks for one attribute (FATTR4_ACL) in the first bitmap word, the NFSv4 protocol allows for the server to return unbounded bitmaps (more than two)."
> >
> > Upstream commit:
> > e5012d1f3861d18c7f3814e757c1c3ab3741dbcd - incomplete, handles only the case when 2 words are expected and 3 are returned
> >
> > Proposed complete upstream patch:
> > http://www.spinics.net/lists/linux-nfs/msg25288.html
> >
> > Reference:
> > https://bugzilla.redhat.com/show_bug.cgi?id=747106
> >
> > Credit: Andy Adamson
> >
> > Thanks,
>
> Please use CVE-2011-4131 for this issue

With apologies, I replied to the same message twice, the correct CVE assignment should be:

CVE-2011-4131 kernel: nfs4_getfacl decoding kernel oops (correct for this email)

The second one, CVE-2011-4132 is for kernel: jbd/jbd2: invalid value of first log block leads to oops which is in a second email.

--
-Kurt Seifried / Red Hat Security Response Team
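Added example, not part of the message above and not the kernel code or the proposed patch: a user-space sketch of decoding an XDR `bitmap4` (a 32-bit word count followed by that many 32-bit words) that tolerates the "more than two words" reply described in the quoted report. It assumes the RFC 3530 wire layout and attribute number 12 for FATTR4_ACL; the function names and the sample reply bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define FATTR4_ACL 12u   /* attribute number from RFC 3530: bit 12 of word 0 */

/* Read one big-endian 32-bit XDR word. Caller has already checked bounds. */
static uint32_t xdr_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * Decode a bitmap4 from buf[0..len). Keeps the first `keep` words in out[]
 * (zero-filled if fewer arrive) and skips any further words instead of
 * assuming a fixed maximum. Returns bytes consumed, or -1 if truncated.
 */
long decode_bitmap4(const uint8_t *buf, size_t len, uint32_t *out, size_t keep)
{
    if (len < 4)
        return -1;
    uint32_t nwords = xdr_u32(buf);
    /* Compare against remaining words, not bytes, so nwords * 4 cannot wrap. */
    if (nwords > (len - 4) / 4)
        return -1;
    for (size_t i = 0; i < keep; i++)
        out[i] = (i < nwords) ? xdr_u32(buf + 4 + 4 * i) : 0;
    return (long)(4 + 4 * (size_t)nwords);
}

/* Hypothetical helper: 1 if the reply carries FATTR4_ACL, 0 if not, -1 on bad input. */
int reply_has_acl(const uint8_t *buf, size_t len, long *consumed)
{
    uint32_t words[2];
    *consumed = decode_bitmap4(buf, len, words, 2);
    if (*consumed < 0)
        return -1;
    return (words[0] >> FATTR4_ACL) & 1u;
}

/* Constructed sample reply: 3 bitmap words, ACL bit set in word 0. */
const uint8_t sample_three_words[] = { 0,0,0,3, 0,0,0x10,0, 0,0,0,0, 0,0,0,1 };

int main(void)
{
    long used;
    int has = reply_has_acl(sample_three_words, sizeof sample_three_words, &used);
    printf("acl=%d consumed=%ld\n", has, used);
}
```

The returned byte count is what lets a caller locate the data that follows the bitmap regardless of how many words the server sent.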