/[kernel-sec]/retired/CVE-2005-4798
ViewVC logotype

Contents of /retired/CVE-2005-4798

Parent Directory Parent Directory | Revision Log Revision Log

Revision 600 - (show annotations) (download)
Tue Sep 26 05:25:01 2006 UTC (6 years, 7 months ago) by dannf
File size: 1021 byte(s) 
retire all issues that have been fixed upstream and in all listed kernels that are affected
1 Candidate: CVE-2005-4798
2 References:
3 http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
4 http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git;a=commit;h=87e03738fc15dc3ea4acde3a5dcb5f84b6b6152b
5 http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git;a=commitdiff;h=87e03738fc15dc3ea4acde3a5dcb5f84b6b6152b
6 Description:
7 Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31
8 allows remote NFS servers to cause a denial of service (crash) via a long
9 symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and
10 causes a crash in the NFS client.
11 Notes:
12 dannf> >= 2.6.13 not affected according to:
13 dannf> http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
14 dannf> 2.6.8 looks affected to me - including my shot at a fix...
15 Bugs:
16 upstream:
17 linux-2.6: N/A
18 2.6.8-sarge-security: released (2.6.8-16sarge5) [nfs-handle-long-symlinks.dpatch]
19 2.4.27-sarge-security: released (2.4.27-10sarge4) [223_nfs-handle-long-symlinks.diff]
  ViewVC Help
Powered by ViewVC 1.1.5