PT-2011-2579 · Linux+1 · Linux Kernel+1

Adam Prince

Publicado

2011-03-08

Atualizado

2019-04-22

CVE-2011-0714

CVSS v2.0

5.7

Média

Vetor

AV:A/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.32 on Red Hat Enterprise Linux (RHEL) 6

Description A use-after-free issue in the RPC server sockets functionality of the Linux kernel might allow remote attackers to cause a denial of service via malformed data in a packet. This issue is related to the lockd and the svc xprt received function.

Recommendations For Linux kernel version 2.6.32 on Red Hat Enterprise Linux (RHEL) 6, consider applying a patch to fix the use-after-free vulnerability in the RPC server sockets functionality. As a temporary workaround, restrict access to the RPC service to minimize the risk of exploitation.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2011-0714

RHSA-2011:0329

RHSA-2011_0329

Produtos afetados

Linux Kernel

Red Hat

PT-2011-2579 · Linux+1 · Linux Kernel+1

CVE-2011-0714

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8