Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 170872 (CVE-2007-0772)

Summary: Kernel: DoS with NFSACL 2 ACCESS request (CVE-2007-0772)
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0772
Whiteboard: [linux < 2.6.16.42][linux >= 2.6.17 < 2.6.18.7][linux >= 2.6.19 < 2.6.19.4][linux >= 2.6.20 < 2.6.20.1][gp < 2.6.18-10][gp >= 2.6.19-1 < 2.6.19-8][gp >= 2.6.20-1 < 2.6.20-2]
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-14 13:18:58 UTC 
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
Comment 1 unnamedrambler 2008-03-07 19:50:04 UTC 
proposed metadata:
[linux < 2.6.16.42] 0d1335f51d535fa036c5cddccd1779cab5f2f143
[linux >= 2.6.17 < 2.6.18.7] 48f51fc263193c5e4f2102548e2ced0ab6be462d
[linux >= 2.6.19 < 2.6.19.4] 2c362497a5a1f24b961c1f51e9d1a51d9d5a1037
[linux >= 2.6.20 < 2.6.20.1] e162a033a5882bde0c3bf5a07ee2119f9535cd8c

[gp < 2.6.18-10][gp >= 2.6.19-1 < 2.6.19-8][gp >= 2.6.20-1 < 2.6.20-2]
Comment 2 kfm 2009-07-20 18:39:31 UTC 
hardened-kernel unaffected at present time. Removing alias.