CVE-2012-2375
Published Jun 13, 2012
Last updated a year ago
Overview
- Description
- The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.9
- Exploitability score
- 3.2
- Vector string
- AV:A/AC:H/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A414BCFE-F436-4E67-BF24-05766DA92376",
"versionEndIncluding": "3.3.1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFB76697-1C2F-48C0-9B14-517EC053D4B3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BED88DFD-1DC5-4505-A441-44ECDEF0252D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBFD2ACD-728A-4082-BB6A-A1EF6E58E47D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C31B0E51-F62D-4053-B04F-FC4D5BC373D2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A914303E-1CB6-4AAD-9F5F-DE5433C4E814"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "203BBA69-90B2-4C5E-8023-C14180742421"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DBFAB53-B889-4028-AC0E-7E165B152A18"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE409AEC-F677-4DEF-8EB7-2C35809043CE"
}
],
"operator": "OR"
}
]
}
]