CVE-2008-3915
Publication date 11 September 2008
Last updated 24 July 2024
Ubuntu priority
Description
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
From the Ubuntu Security Team
Johann Dahm and David Richter discovered that NFSv4 did not correctly handle certain file ACLs. If NFSv4 is in use, a local attacker could create a malicious ACL that could cause a system crash, leading to a denial of service.
Status
| Package | Ubuntu Release | Status | 
|---|---|---|
| linux | ||
| linux-source-2.6.15 | ||
| linux-source-2.6.20 | ||
| linux-source-2.6.22 | ||
Patch details
| Package | Patch details | 
|---|---|
| linux |