| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability alert CVE-2008-7256 CVE-2010-1643
Linux kernel: denial of service via knfsd
Synthesis of the vulnerability
| When knfsd is used to export files on a shmemfs system, an attacker can force the kernel to dereference a NULL pointer, which stops the system. |
Severity: 1/4.
Creation date: 26/05/2010.
|
Impacted products
Description of the vulnerability
The "overcommit" feature indicate how the memory is managed (/proc/sys/vm/overcommit_memory):
0 : heuristic overcommit: a malloc() can success even if all memory has been used
1 : no overcommit
2 : strict overcommit: the success rate of malloc() is determined by overcommit_ratio
A shmfs/shmemfs filesystem is used to store files in memory.
The Linux kernel implements a NFS server (knfsd).
When a shmemfs system is exported via NFS, and when the overcommit is strict, if memory is missing, the pointer current->mm is NULL and it is dereferenced.
When knfsd is used to export files on a shmemfs system, a local attacker can therefore deplete the memory, in order to stop the system. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Linux kernel: denial of service via knfsd.
Keywords: Linux NFS NULL denial kernel knfsd overcommit_memory overcommit_ratio service.
Identifiers: 595970, BID-40377, BID-42217, CVE-2008-7256, CVE-2010-1643, MDVSA-2010:188, MDVSA-2010:198, RHSA-2010:0631-01, SUSE-SA:2010:031, VIGILANCE-VUL-9666.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
Vigil@nce provides a software vulnerability patch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.
|
