CVE-2012-2375

The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*

History

07 Nov 2023, 02:10

Type Values Removed Values Added
Summary The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.

13 Feb 2023, 04:33

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2012:1580', 'name': 'https://access.redhat.com/errata/RHSA-2012:1580', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2012-2375', 'name': 'https://access.redhat.com/security/cve/CVE-2012-2375', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2013:0566', 'name': 'https://access.redhat.com/errata/RHSA-2013:0566', 'tags': [], 'refsource': 'MISC'}
Summary CVE-2012-2375 kernel: incomplete fix for CVE-2011-4131 The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.

03 Feb 2023, 16:15

Type Values Removed Values Added
References
  • {'url': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=20e0fa98b751facf9a1101edaefbc19c82616a68', 'name': 'http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=20e0fa98b751facf9a1101edaefbc19c82616a68', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • (MISC) https://access.redhat.com/errata/RHSA-2012:1580 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2012-2375 -
  • (MISC) https://access.redhat.com/errata/RHSA-2013:0566 -
  • (MISC) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 -
Summary The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. CVE-2012-2375 kernel: incomplete fix for CVE-2011-4131

Information

Published : 2012-06-13 10:24

Updated : 2023-12-10 11:16


NVD link : CVE-2012-2375

Mitre link : CVE-2012-2375

CVE.ORG link : CVE-2012-2375


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-189

Numeric Errors