PT-2011-2579 · Linux+1 · Linux Kernel+1

Adam Prince · Published 2011-03-08 · Updated 2019-04-22 · CVE-2011-0714

CVSS v2.0: 5.7 Medium
Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel version 2.6.32 on Red Hat Enterprise Linux (RHEL) 6

Description

A use-after-free issue in the RPC server sockets functionality of the Linux kernel might allow remote attackers to cause a denial of service via malformed data in a packet. This issue is related to lockd and the svc_xprt_received function.

Recommendations

For Linux kernel version 2.6.32 on Red Hat Enterprise Linux (RHEL) 6, consider applying a patch to fix the use-after-free vulnerability in the RPC server sockets functionality. As a temporary workaround, restrict access to the RPC service to minimize the risk of exploitation.

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2011-0714
RHSA-2011:0329
RHSA-2011_0329

Affected Products

Linux Kernel
Red Hat