Bug 747106 (CVE-2011-4131)
Summary: | CVE-2011-4131 kernel: nfs4_getfacl decoding kernel oops | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Petr Matousek <pmatouse> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | Jian Li <jiali> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | anton, arozansk, bfields, bhu, davids, dhoward, dhowells, fhrbata, jiali, jkacur, jlayton, jwest, kernel-mgr, lgoncalv, lwang, nmurray, plougher, rt-maint, rwheeler, security-response-team, sforsber, sprabhu, steved, vgoyal, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Last Closed: | 2013-04-24 05:29:31 UTC | Type: | --- |
Bug Depends On: | 753227, 753228, 753230, 753231, 753232, 753236, 761378 | ||
Bug Blocks: | 746922, 767288, 784298 |
Description
Petr Matousek
2011-10-18 20:18:37 UTC
Statement:

This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it does not provide support for NFS ACLs. This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html. Future kernel updates in Red Hat Enterprise Linux 6 may address this issue.

Created kernel tracking bugs for this issue

Affects: fedora-all [bug 753236]

At this point, I'm waiting to see if Trond plans to take the patch. Once he confirms that I'll backport it for RHEL5 and 6.

(In reply to comment #9)
> At this point, I'm waiting to see if Trond plans to take the patch. Once he
> confirms that I'll backport it for RHEL5 and 6.

Jeff, what's the status? Are they using the patch for the upstream kernel?

I've handed this bug off to Sachin who has found a bug in the upstream patch.

This issue has been addressed in following products:

MRG for RHEL-6 v.2

Via RHSA-2012:0333 https://rhn.redhat.com/errata/RHSA-2012-0333.html

Complete fix consists of the following upstream Linux kernel commits:

bf118a342f10dafe44b14451a1392c3254629a1f
20e0fa98b751facf9a1101edaefbc19c82616a68
5794d21ef4639f0e33440927bb903f9598c21e92
5a00689930ab975fdd1b37b034475017e460cf2a

This issue has been addressed in following products:

Red Hat Enterprise Linux 6

Via RHSA-2012:0862 https://rhn.redhat.com/errata/RHSA-2012-0862.html

This issue has been addressed in following products:

Red Hat Enterprise Linux 6.2 EUS - Server Only

Via RHSA-2012:1541 https://rhn.redhat.com/errata/RHSA-2012-1541.html