CVE-2011-4131
Priority
Medium
Description
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly
handle bitmap sizes in GETACL replies, which allows remote NFS servers to
cause a denial of service (OOPS) by sending an excessive number of bitmap
words.
handle bitmap sizes in GETACL replies, which allows remote NFS servers to
cause a denial of service (OOPS) by sending an excessive number of bitmap
words.
Ubuntu-Description
Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.
A remote NFS server (attacker) could exploit this flaw to cause a denial of
service.
A remote NFS server (attacker) could exploit this flaw to cause a denial of
service.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4131
http://www.openwall.com/lists/oss-security/2011/11/13/3
http://www.ubuntu.com/usn/usn-1457-1
http://www.ubuntu.com/usn/usn-1470-1
http://www.ubuntu.com/usn/usn-1471-1
http://www.ubuntu.com/usn/usn-1472-1
http://www.ubuntu.com/usn/usn-1476-1
http://www.ubuntu.com/usn/usn-1530-1
http://www.openwall.com/lists/oss-security/2011/11/13/3
http://www.ubuntu.com/usn/usn-1457-1
http://www.ubuntu.com/usn/usn-1470-1
http://www.ubuntu.com/usn/usn-1471-1
http://www.ubuntu.com/usn/usn-1472-1
http://www.ubuntu.com/usn/usn-1476-1
http://www.ubuntu.com/usn/usn-1530-1
Notes
jdstrand> e5012d1f3861d18c7f3814e757c1c3ab3741dbcd is incomplete
jdstrand> http://www.spinics.net/lists/linux-nfs/msg25288.html is proposed
jdstrand> patch
apw> http://www.spinics.net/lists/linux-nfs/msg25746.html implies the proposed
apw> patch needs further work, awaiting resubmission
apw> http://www.spinics.net/lists/linux-nfs/msg26023.html looks to be the
apw> fixed patch, waiting on feedback
apw> now upstream as bf118a342f10dafe44b14451a1392c3254629a1f
jj> removed original incomplete e5012d1f3861d18c7f3814e757c1c3ab3741dbcd
jj> as breakfix
jdstrand> http://www.spinics.net/lists/linux-nfs/msg25288.html is proposed
jdstrand> patch
apw> http://www.spinics.net/lists/linux-nfs/msg25746.html implies the proposed
apw> patch needs further work, awaiting resubmission
apw> http://www.spinics.net/lists/linux-nfs/msg26023.html looks to be the
apw> fixed patch, waiting on feedback
apw> now upstream as bf118a342f10dafe44b14451a1392c3254629a1f
jj> removed original incomplete e5012d1f3861d18c7f3814e757c1c3ab3741dbcd
jj> as breakfix
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1600.1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1600.1) |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | deferred |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (3.0.0-21.35~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.6.38-15.60~lucid1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Patches:
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | deferred |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-12.20) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-12.20) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-12.20) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.2.0-12.20) |
Patches:
| Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Fixed by bf118a342f10dafe44b14451a1392c3254629a1f |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (3.2.0-1406.8) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (3.2.0-1406.8) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (3.2.0-1406.8) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (3.2.0-1406.8) |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | released (3.3~rc1) |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |