CVE-2009-3726
CVE-2009-3726
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/10202não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d953126a28f97ec965d23c69fd5795854c048f30http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000082.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=529227http://secunia.com/advisories/37909http://secunia.com/advisories/38794http://secunia.com/advisories/38834http://secunia.com/advisories/40218https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6636