CVE-2012-2375
Publication date 13 June 2012
Last updated 24 July 2024
Ubuntu priority
The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.
From the Ubuntu Security Team
A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS).
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 14.04 LTS trusty |
Not affected
|
linux-armadaxp | 14.04 LTS trusty | Not in release |
linux-ec2 | 14.04 LTS trusty | Not in release |
linux-flo | 14.04 LTS trusty | Not in release |
linux-fsl-imx51 | 14.04 LTS trusty | Not in release |
linux-goldfish | 14.04 LTS trusty | Not in release |
linux-grouper | 14.04 LTS trusty | Not in release |
linux-linaro-omap | 14.04 LTS trusty | Not in release |
linux-linaro-shared | 14.04 LTS trusty | Not in release |
linux-linaro-vexpress | 14.04 LTS trusty | Not in release |
linux-lts-backport-maverick | 14.04 LTS trusty | Not in release |
linux-lts-backport-natty | 14.04 LTS trusty | Not in release |
linux-lts-backport-oneiric | 14.04 LTS trusty | Not in release |
linux-lts-quantal | 14.04 LTS trusty | Not in release |
linux-lts-raring | 14.04 LTS trusty | Not in release |
linux-lts-saucy | 14.04 LTS trusty | Not in release |
linux-lts-trusty | 14.04 LTS trusty | Not in release |
linux-maguro | 14.04 LTS trusty | Not in release |
linux-mako | 14.04 LTS trusty | Not in release |
linux-manta | 14.04 LTS trusty | Not in release |
linux-mvl-dove | 14.04 LTS trusty | Not in release |
linux-qcm-msm | 14.04 LTS trusty | Not in release |
linux-ti-omap4 | 14.04 LTS trusty | Not in release |
Notes
Patch details
Package | Patch details |
---|---|
linux |
References
Related Ubuntu Security Notices (USN)
- USN-1487-1
- Linux kernel vulnerability
- 29 June 2012
- USN-1486-1
- Linux kernel vulnerability
- 29 June 2012
- USN-1499-1
- Linux kernel (OMAP4) vulnerability
- 9 July 2012
- USN-1489-1
- Linux kernel (Oneiric backport) vulnerability
- 29 June 2012
- USN-1490-1
- Linux kernel (Natty backport) vulnerabilities
- 29 June 2012
- USN-1494-1
- Linux kernel (OMAP4) vulnerability
- 2 July 2012
- USN-1488-1
- Linux kernel vulnerabilities
- 29 June 2012
- USN-1530-1
- Linux kernel (OMAP4) vulnerabilities
- 10 August 2012