August 1, 2003

Linux Kernel NFS XDR Denial of Service

A vulnerability has been identified in the Linux kernel 2.4 branch allowing malicious users to cause a kernel panic.
The problem is that the "decode_fh" function in "nfs3xdr.c" fails to handle a negative size value in certain NFS calls. This allows malicious users to
cause a kernel panic.

Link: secunia.com

Category:

  • Linux
Click Here!