CVE-2008-4307
Published: 13 January 2009
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.
From the Ubuntu security team
NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Released
(2.6.24-23.52)
|
|
| intrepid |
Not vulnerable
|
|
| upstream |
Released
(2.6.26~rc1)
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-54.76)
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(2.6.26~rc1)
|
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Released
(2.6.22-16.62)
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(2.6.26~rc1)
|