The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
proposed metadata: [linux < 2.6.16.42] 0d1335f51d535fa036c5cddccd1779cab5f2f143 [linux >= 2.6.17 < 2.6.18.7] 48f51fc263193c5e4f2102548e2ced0ab6be462d [linux >= 2.6.19 < 2.6.19.4] 2c362497a5a1f24b961c1f51e9d1a51d9d5a1037 [linux >= 2.6.20 < 2.6.20.1] e162a033a5882bde0c3bf5a07ee2119f9535cd8c [gp < 2.6.18-10][gp >= 2.6.19-1 < 2.6.19-8][gp >= 2.6.20-1 < 2.6.20-2]
hardened-kernel unaffected at present time. Removing alias.