[Lucid, Maverick, Natty] SRU: Fix panic after nfs_umount
Ben Hutchings
ben at decadent.org.uk
Wed Dec 15 04:47:06 UTC 2010
On Mon, 2010-12-13 at 10:02 +0100, Stefan Bader wrote:
> On 12/12/2010 04:15 AM, Ben Hutchings wrote:
> > On Thu, 2010-12-09 at 16:58 +0100, Stefan Bader wrote:
> >> SRU justification:
> >>
> >> Impact: When trying to mount an export where server and client have no common
> >> authentication method, the client will abort the mount by sending an advisory
> >> unmount message to the server. A bug in the RPC client setup causes the sunrpc
> >> code to access memory outside an allocated array, which will sooner or later
> >> cause the kernel to crash.
> > [...]
> >
> > Do you have a CVE reference for this?
> >
> > Ben.
> >
> Hi Ben,
>
> no it was done as a normal bug afaik. Should we have one?
If I understand correctly, it allows a rogue server to make a client
crash by refusing all its authentication methods. Obviously this can
also happen without malicious intent, but I don't think that matters.
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20101215/1f1be792/attachment.sig>
More information about the kernel-team
mailing list