vulnerability note CVE-2010-1087

Linux kernel: denial of service via NFS

Synthesis of the vulnerability

An attacker can truncate a NFS file, in order to stop the kernel, and possibly to execute code.

Severity: 2/4. Creation date: 03/03/2010.

Description of the vulnerability

The nfs_wait_on_request() function of the fs/nfs/pagelist.c file waits for the end of a query on a NFS filesystem. When a file is truncated, this function can be prematurely interrupted, which forces a write in an invalid memory page. An attacker can therefore truncate a NFS file, in order to stop the kernel, and possibly to execute code.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Linux kernel: denial of service via NFS. Keywords: Linux NFS denial kernel nfs_wait_on_request service. Identifiers: BID-39569, CVE-2010-1087, DSA 2053-1, RHSA-2010:0504-01, SUSE-SA:2010:031, VIGILANCE-VUL-9489.

Information sources

Publications and announces

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins