[CVE-2011-1090] nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3)
Andy Whitcroft
apw at canonical.com
Fri Jul 8 16:00:11 UTC 2011
CVE-2011-1090
The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the
Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is
allocated by kmalloc but not properly freed, which allows local
users to cause a denial of service (panic) via a crafted attempt
to set an ACL.
This has already been fixed for all releases after hardy. Following
this email is a backport of this fix for hardy. This is a relaivly
simple re-application of the original.
Proposing for hardy.
-apw
More information about the kernel-team
mailing list