[VIM] CVE-2006-5158 (NFS lockd in Linux) - more than SUSE
Steven M. Christey
coley at mitre.org
Tue Oct 10 14:17:53 EDT 2006

FYI, this was originally thought to be SUSE-specific based on CVE's
interpretation of SUSE's advisory text, but we were just notified that
this affects the kernel itself, so other distros may be affected as

This was not originally presented as an attacker-controllable DoS,
which is why the original post/patch dates are so old.
The current CVE desc tries to resolve why SuSE said "deadlock" from
the "oops" in the patch, but it's a bit of a guess.

Reference: MLIST:[linux-kernel] 20051216 lockd: couldn't create RPC handle for (host)
Reference: MLIST:[linux-kernel] 20051218 Re: lockd: couldn't create RPC handle for (host)

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel
before 2.6.16 allows remote attackers to cause a denial of service
(process crash) and deny access to NFS exports via unspecified vectors
that trigger a kernel oops (null dereference) and a deadlock.