You are here

CVE-2012-2375

Vincent (CVE) Danen's picture
The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.

Details Source

Mitre

Public Date

2012-03-22 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-2375 kernel: incomplete fix for CVE-2011-4131

Bugzilla ID

822 869

CVSS Status

verified

Base Score

4.60

Base Metrics

AV:A/AC:H/Au:N/C:N/I:N/A:C

Acknowledgements

This issue was discovered by Jian Li of Red Hat.

Red Hat Security Errata

Platform Errata Release Date
MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2013:0566 2013-03-06
Red Hat Enterprise Linux 6 (kernel) RHSA-2012:1580 2012-12-18

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Affected
Red Hat Enterprise Linux 5 kernel Not affected