CVE-2008-4307
Priority
Medium
Description
Race condition in the do_setlk function in fs/nfs/file.c in the Linux
kernel before 2.6.26 allows local users to cause a denial of service
(crash) via vectors resulting in an interrupted RPC call that leads to a
stray FL_POSIX lock, related to improper handling of a race between fcntl
and close in the EINTR case.
kernel before 2.6.26 allows local users to cause a denial of service
(crash) via vectors resulting in an interrupted RPC call that leads to a
stray FL_POSIX lock, related to improper handling of a race between fcntl
and close in the EINTR case.
Ubuntu-Description
NFS did not correctly handle races between fcntl and interrupts. A local
attacker on an NFS mount could consume unlimited kernel memory, leading to
a denial of service.
attacker on an NFS mount could consume unlimited kernel memory, leading to
a denial of service.
References
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
Package
| Upstream: | released (2.6.26) |
| Ubuntu 8.04 LTS (Hardy Heron): | released (2.6.24-23.52) |
Patches:
| Upstream: | http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=c4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc |