CVE-2011-4325

medium

Description

The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=1ae88b2e4

http://www.securityfocus.com/bid/51366

https://bugzilla.redhat.com/show_bug.cgi?id=755455

https://exchange.xforce.ibmcloud.com/vulnerabilities/72297

Details

Source: MITRE

Published: 2012-01-27

Updated: 2017-08-29

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM