APPLIED: [CVE-2011-1090] nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3)

Tim Gardner tim.gardner at
Fri Jul 8 16:44:53 UTC 2011

On 07/08/2011 10:00 AM, Andy Whitcroft wrote:
> CVE-2011-1090
> 	The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the
> 	Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is
> 	allocated by kmalloc but not properly freed, which allows local
> 	users to cause a denial of service (panic) via a crafted attempt
> 	to set an ACL.
> This has already been fixed for all releases after hardy.  Following
> this email is a backport of this fix for hardy.  This is a relaivly
> simple re-application of the original.
> Proposing for hardy.
> -apw

Tim Gardner tim.gardner at

More information about the kernel-team mailing list