CVE-2011-4131

Priority
Description
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly
handle bitmap sizes in GETACL replies, which allows remote NFS servers to
cause a denial of service (OOPS) by sending an excessive number of bitmap
words.
Ubuntu-Description
Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.
A remote NFS server (attacker) could exploit this flaw to cause a denial of
service.
Notes
 jdstrand> e5012d1f3861d18c7f3814e757c1c3ab3741dbcd is incomplete
 jdstrand> http://www.spinics.net/lists/linux-nfs/msg25288.html is proposed
 jdstrand> patch
 apw> http://www.spinics.net/lists/linux-nfs/msg25746.html implies the proposed
 apw> patch needs further work, awaiting resubmission
 apw> http://www.spinics.net/lists/linux-nfs/msg26023.html looks to be the
 apw> fixed patch, waiting on feedback
 apw> now upstream as bf118a342f10dafe44b14451a1392c3254629a1f
 jj> removed original incomplete e5012d1f3861d18c7f3814e757c1c3ab3741dbcd
 jj> as breakfix
 jdstrand> too intrusive to backport. Requires connecting to malicious NFS v4
  server
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.11.0-12.19)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by bf118a342f10dafe44b14451a1392c3254629a1f
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-1.3)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-1.9)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):ignored (see note)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):ignored (see note)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-3.21)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-4.19)
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.3~rc1)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-01-14 22:00:08 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)