CVE-2009-3726
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2009-3726 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
The Linux kernel as shipped with Red Hat Enterprise Linux 3 did not have support for NFSv4, and therefore is not affected by this issue. It was addressed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0474.html, https://rhn.redhat.com/errata/RHSA-2009-1670.html and https://rhn.redhat.com/errata/RHSA-2009-1635.html respectively.
CVSS v2 metrics
| Base Score | 7.2 |
|---|---|
| Base Metrics | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 5 (kernel) | RHSA-2009:1670 | 2009-12-15 |
| MRG Grid for RHEL 5 Server (kernel-rt) | RHSA-2009:1635 | 2009-12-03 |
| Red Hat Enterprise Linux 4 (kernel) | RHSA-2010:0474 | 2010-06-15 |
Acknowledgements
Red Hat would like to thank Simon Vallet for responsibly reporting this issue.CVE description copyright © 2017, The MITRE Corporation
