path: root/retired/CVE-2006-3468
blob: 380b97b041bda52445f4a1e53579d388fa9e5a49
Candidate: CVE-2006-3468
References: 
 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=2ccb48ebb4de139eef4fcefd5f2bb823cb0d81b9
Description:
 Linux kernel 2.6.x, when using both NFS and EXT3, allows remote
 attackers to cause a denial of service (file system panic) via a
 crafted UDP packet with a V2 lookup procedure that specifies a bad
 file handle (inode number), which triggers an error and causes an
 exported directory to be remounted read-only. 
Ubuntu-Description:
 James McKenzie discovered a Denial of Service vulnerability in the
 NFS driver. When exporting an ext3 file system over NFS, a remote
 attacker could exploit this to trigger a file system panic by sending
 a specially crafted UDP packet.
Notes: 
 http://lkml.org/lkml/2006/7/20/1: proposed patch
 unclear whether 2.4 is affected
 dannf> Submitted to Adrian Bunk for inclusion in 2.6.16.x
 dannf> ignoring 2.4 till a fix goes upstream
Bugs: 
 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172
upstream: released (2.6.17.8, 2.6.18-rc4)
linux-2.6: released (2.6.18-1)
2.6.8-sarge-security: released (2.6.8-16sarge5) [fs-ext3-bad-nfs-handle.dpatch]
2.4.27-sarge-security: ignored (2.4.27-10sarge4)
2.6.10-hoary-security: released (2.6.10-34.23)
2.6.12-breezy-security: released (2.6.12-10.37)
2.6.15-dapper-security: released (2.6.15-26.47)
2.6.17-edgy: released (2.6.17-10.30)
2.6.18-etch-security: N/A