In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure being executed (rq_procinfo) is the NFSPROC4_COMPOUND procedure.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: nfsd4_spo_must_allow() debe comprobar que se trata de una solicitud compuesta v4. Si la solicitud que se está procesando no es una solicitud compuesta v4, examinar el estado de ejecución (cstate) puede tener resultados indefinidos. Este parche añade una comprobación de que el procedimiento rpc en ejecución (rq_procinfo) es el procedimiento NFSPROC4_COMPOUND.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
NVD-CWE-noinfo
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b82e2d500> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b829a5f00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bde1817c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdd67dcc0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b82e2d200> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b82e2d380> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b829a5540> | Operating System |
| debian | debian_linux | 11.0 | <built-in method update of dict object at 0x702b8052d740> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |