Linux Kernel NFS Client Denial of Service Vulnerability
BID:16922
Info
Linux Kernel NFS Client Denial of Service Vulnerability
| Bugtraq ID: | 16922 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-0555 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 02 2006 12:00AM |
| Updated: | Jan 18 2007 02:40AM |
| Credit: | Announced in the kernel changelog. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 SuSE SUSE Linux Enterprise Server 8 SuSE Linux Enterprise Server 9 SuSE Linux Desktop 1.0 S.u.S.E. UnitedLinux 1.0 S.u.S.E. Novell Linux Desktop 1.0 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Professional 9.2 x86_64 S.u.S.E. Linux Professional 9.2 S.u.S.E. Linux Professional 9.1 x86_64 S.u.S.E. Linux Professional 9.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Enterprise Server for S/390 9.0 S.u.S.E. Linux Enterprise Server for S/390 Redhat Fedora Core4 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux AS 4 Redhat Desktop 4.0 Mandriva Linux Mandrake 2006.0 x86_64 Mandriva Linux Mandrake 2006.0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 Linux kernel 2.6.15 .3 Linux kernel 2.6.15 .2 Linux kernel 2.6.15 .1 Linux kernel 2.6.15 -rc3 Linux kernel 2.6.15 -rc2 Linux kernel 2.6.15 -rc1 Linux kernel 2.6.15 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Avaya S8710 R2.0.1 Avaya S8710 R2.0.0 Avaya S8710 CM 3.1 Avaya S8700 R2.0.1 Avaya S8700 R2.0.0 Avaya S8700 CM 3.1 Avaya S8500 R2.0.1 Avaya S8500 R2.0.0 Avaya S8500 CM 3.1 Avaya S8300 R2.0.1 Avaya S8300 R2.0.0 Avaya S8300 CM 3.1 |
| Not Vulnerable: |
Linux kernel 2.6.15.5 |
Discussion
Linux Kernel NFS Client Denial of Service Vulnerability
Linux kernel NFS client is prone to a denial-of-service vulnerability. An unprivileged local user can panic the NFS client and cause it to fail.
This issue was addressed in Linux kernel 2.6.15.5; earlier versions are vulnerable.
Linux kernel NFS client is prone to a denial-of-service vulnerability. An unprivileged local user can panic the NFS client and cause it to fail.
This issue was addressed in Linux kernel 2.6.15.5; earlier versions are vulnerable.
Exploit / POC
Linux Kernel NFS Client Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Linux Kernel NFS Client Denial of Service Vulnerability
Solution:
Linux kernel 2.6.15.5 has been released to address this and other issues.
Please see the referenced advisories for details on obtaining and applying fixes.
Linux kernel 2.6.15
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 -rc2
Solution:
Linux kernel 2.6.15.5 has been released to address this and other issues.
Please see the referenced advisories for details on obtaining and applying fixes.
Linux kernel 2.6.15
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 -rc1
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 -rc3
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 .2
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 .1
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 .3
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
Linux kernel 2.6.15 -rc2
-
Linux patch-2.6.15.5.bz2
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2
References
Linux Kernel NFS Client Denial of Service Vulnerability
References:
References: