Candidate: CVE-2006-5158
References:
 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9b5b1f5bf9dcdb6f23abf65977a675eb4deba3c0
Description:
 The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
Ubuntu-Description:
 Matthias Andree discovered that the NFS locking management daemon (lockd) did not correctly handle mixing of 'lock' and 'nolock' option mounts on the same client. A remote attacker could exploit this to crash lockd and thus render the NFS imports inaccessible.
Notes:
 Bug introduced in 2.6.9, fixed in 2.6.15-rc6
Bugs:
upstream:
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.12-breezy-security: released (2.6.12-10.41)
2.6.15-dapper-security: N/A
2.6.17-edgy: N/A