Description
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Canonical / Ubuntu Linux5.10 – 5.10
- Canonical / Ubuntu Linux6.10 – 6.10
- Canonical / Ubuntu Linux6.06 – 6.06
- Linux / Linux kernel2.6.16
- RedHat / enterprise_linux_desktop4.0 – 4.0
- RedHat / enterprise_linux_eus4.5 – 4.5
- RedHat / enterprise_linux_server4.0 – 4.0
- RedHat / enterprise_linux_workstation4.0 – 4.0
References
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10128
- MAILING_LISThttp://marc.info/?l=linux-kernel&m=113494474208973&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/23361
- VENDOR_ADVISORYhttp://secunia.com/advisories/26289
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:012
- VENDOR_ADVISORYhttp://secunia.com/advisories/25838
- VENDOR_ADVISORYhttp://secunia.com/advisories/23384
- MISChttp://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9b5b1f5bf9dcdb6f23abf65977a675eb4deba3c0
- MAILING_LISThttp://marc.info/?l=linux-kernel&m=113476665626446&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/23752
- MISChttp://www.securityfocus.com/bid/21581
- MISChttp://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-395-1
- MISChttp://rhn.redhat.com/errata/RHSA-2007-0488.html
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_57_kernel.html