[kernel-sec-discuss] r516 - patch-tracking
Martin Pitt
mpitt at costa.debian.org
Wed Jul 26 08:53:30 UTC 2006
Author: mpitt
Date: 2006-07-26 08:53:30 +0000 (Wed, 26 Jul 2006)
New Revision: 516
Modified:
patch-tracking/CVE-2006-3468
Log:
flesh out CVE-2006-3468
Modified: patch-tracking/CVE-2006-3468
===================================================================
--- patch-tracking/CVE-2006-3468 2006-07-26 08:43:33 UTC (rev 515)
+++ patch-tracking/CVE-2006-3468 2006-07-26 08:53:30 UTC (rev 516)
@@ -1,10 +1,27 @@
Candidate: CVE-2006-3468
References:
-Description:
+Description:
+ Linux kernel 2.6.x, when using both NFS and EXT3, allows remote
+ attackers to cause a denial of service (file system panic) via a
+ crafted UDP packet with a V2 lookup procedure that specifies a bad
+ file handle (inode number), which triggers an error and causes an
+ exported directory to be remounted read-only.
+Ubuntu-Description:
+ James McKenzie discovered a Denial of Service vulnerability in the
+ NFS driver. When exporting an ext3 file system over NFS, a remote
+ attacker could exploit this to trigger a file system panic by sending
+ a specially crafted UDP packet.
Notes:
+ http://lkml.org/lkml/2006/7/20/1: proposed patch
+ unclear whether 2.4 is affected
Bugs:
+ https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172
upstream:
-linux-2.6.16:
-linux-2.6:
-2.6.8-sarge-security:
+linux-2.6.16: needed
+linux-2.6: needed
+2.6.8-sarge-security: eeded
2.4.27-sarge-security:
+2.6.10-hoary-security: needed
+2.6.12-breezy-security: needed
+26.15-dapper-security: needed
+2.6.17-edgy: needed
More information about the kernel-sec-discuss
mailing list