kernel panics in nfs4_proc_lock() - CVE-2009-3726.
Issue
-
System crashes with following panic message:
Unable to handle kernel NULL pointer dereference at 0000000000000030 RIP: [<ffffffff8837b210>] :nfs:nfs4_proc_lock+0x21f/0x3ad PGD 1026eec067 PUD 1026f2f067 PMD 0 Oops: 0000 [1] SMP last sysfs file: /block/dm-1/range CPU 0 Modules linked in: ipmi_devintf ipmi_si ipmi_msghandler nfs lockd fscache nfs_acl sunrpc bonding ipv6 xfrm_nalgo crypto_api video hwmon backlight sbs i2c_ec button battery asus_acpi acpi_memhotplug ac joydev sg shpchp i2c_nforce2 i2c_core forcedeth dm_snapshot dm_zero dm_mod sata_nv libata mptsas mptscsih mptbase scsi_transport_sas sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd Pid: 4070, comm: XMLMissingField Not tainted 2.6.18-164.2.1.el5 #1 RIP: 0010:[<ffffffff8837b210>] [<ffffffff8837b210>] :nfs:nfs4_proc_lock+0x21f/0x3ad
Environment
-
Red Hat Enterprise Linux 4 and 5
-
MRG 1.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.