[PATCH 0/2] [CVE-2012-2375] [PRECISE] More NFS ACL boundary checking
Brad Figg
brad.figg at canonical.com
Thu May 31 17:00:57 UTC 2012
The fix for CVE-2011-4131 was not complete. A malicious NFS server could still
crash the clients when more than 2 GETATTR bitmap words are returned in
response to the FATTR4_ACL attribute request.

Sachin Prabhu (2):
  Avoid reading past buffer when calling GETACL
  Avoid beyond bounds copy while caching ACL

 fs/nfs/nfs4proc.c | 28 +++++++++++++++-------------
 fs/nfs/nfs4xdr.c  | 18 +++++++++++-------
 2 files changed, 26 insertions(+), 20 deletions(-)

--
1.7.9.5