There is a possible NULL pointer dereference if kstr[n]dup fails.

http://www.gossamer-threads.com/lists/linux/kernel/906985
http://www.gossamer-threads.com/lists/linux/kernel/910259
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=63649bd7080a6a50fabcb1935f4b7c4e64155066

The latest Linux Kernel (2.6.25.3) is affected, so previous kernels could be as well.

Reproducible: Always

Only the part of the patch addressing nfs_server.export_path leads to a possible NULL ptr (the rest is just secure programming practice). See: http://www.gossamer-threads.com/lists/linux/kernel/906343

That being the case, it looks like only 2.6.25 is affected. 2.6.24 and prior use strncpy carefully to assign mntpath (nfs_server.export_path in 2.6.25) in nfs4_validate_mount_data. Need a real programmer to check my statements for accuracy to be sure.