CVE-2009-1336
CVE-2009-1336
fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=54af3bb543c071769141387a42deaaab5074da55http://rhn.redhat.com/errata/RHSA-2009-0473.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=494074http://secunia.com/advisories/35011http://secunia.com/advisories/35015http://secunia.com/advisories/35160http://secunia.com/advisories/35324http://secunia.com/advisories/35656http://secunia.com/advisories/37471https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10859https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8495http://www.debian.org/security/2009/dsa-1794