Published: 17/05/2012 Updated: 13/02/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.9 | Exploitability Score: 3.2

VMScore: 410

Vector: AV:A/AC:H/Au:N/C:N/I:N/A:C

The NFSv4 implementation in the Linux kernel prior to 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.2
linux linux kernel 3.2.1

Synopsis Moderate: kernel security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix multiple security issues, numerous bugsand add one enhancement are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated thi ...

Synopsis Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix two security issues, address severalhundred bugs and add numerous enhancements are now available as part of theongoing support and ma ...

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 62 Extended Update SupportThe Red Hat Security Response Team has rated this update as ha ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues and variousbugs are now available for Red Hat Enterprise MRG 21The Red Hat Security Response Team has rated this update as havingimportant ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and multiplebugs are now available for Red Hat Enterprise MRG 23The Red Hat Security Response Team has rated this update as havingimportant ...

Several security issues were fixed in the kernel ...

A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures A local, unprivileged user could use this flaw to cause a denial of service A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client The rds ...

CWE-189 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 https://github.com/torvalds/linux/commit/bf118a342f10dafe44b14451a1392c3254629a1f http://www.openwall.com/lists/oss-security/2011/11/12/1 https://bugzilla.redhat.com/show_bug.cgi?id=747106 http://rhn.redhat.com/errata/RHSA-2012-0862.html http://secunia.com/advisories/48898 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081280.html http://rhn.redhat.com/errata/RHSA-2012-1541.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bf118a342f10dafe44b14451a1392c3254629a1f https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:1580 https://usn.ubuntu.com/1471-1/

CVE-2011-4131

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect