CVE-2011-0714

Publication date 4 May 2011

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Description

Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.

Read the notes from the security team

Status

Package Ubuntu Release Status
linux 11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy
Not affected
6.06 LTS dapper Not in release
linux-ec2 11.04 natty Not in release
10.10 maverick Ignored end of life
10.04 LTS lucid
Not affected
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-fsl-imx51 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid
Not affected
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-lts-backport-maverick 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid
Not affected
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-mvl-dove 11.04 natty Not in release
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
linux-source-2.6.15 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper
Not affected
linux-ti-omap4 11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

Notes

mdeslaur

probably RH specific. Needs to be checked.

apw

confirmed this bug only exists in a specific backport of b48fa6b9 which we have not so done on any Ubuntu kernel.

References

Other references