On 05/31/2012 09:28 AM, Brad Figg wrote:
> The fix for CVE-2011-4131 was not complete. Malicious NFS server could still
> crash the clients when more than 2 GETATTR bitmap words are returned in
> response to the FATTR4_ACL attribute request.
>
> Sachin Prabhu (2):
> Avoid reading past buffer when calling GETACL
> Avoid beyond bounds copy while caching ACL
>
> fs/nfs/nfs4proc.c | 28 +++++++++++++++-------------
> fs/nfs/nfs4xdr.c | 18 +++++++++++-------
> 2 files changed, 26 insertions(+), 20 deletions(-)
>
--
Brad Figg
brad.figg@cano... http://www.canonical.com
--
kernel-team mailing list
kernel-team@list...
https://lists.ubuntu.com/mailman/listinfo/kernel-team
opensubscriber is not affiliated with the authors of this message nor responsible for its content.
Delicious
Digg
reddit
Facebook
StumbleUpon
