Use-After-Free Vulnerability in Linux Kernel on Red Hat Enterprise Linux 6
CVE-2011-0714

Currently unrated

Key Information:

Vendor
Linux
Status
Linux Kernel
Enterprise Linux
Vendor
CVE Published:
4 May 2011

Summary

A use-after-free vulnerability exists in a specific Red Hat patch affecting RPC server sockets within the Linux Kernel 2.6.32 on Red Hat Enterprise Linux 6. This flaw may enable remote attackers to execute a denial of service attack by sending malformed data packets, which could lead to unintended behavior and potential crashes. The malfunction relates particularly to the lockd service and the handling of invalid data within the svc_xprt_received function, increasing the risk of service disruption.

References

http://openwall.com/lists/oss-security/2011/03/08/17
mailing-listx_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=678144
x_refsource_CONFIRM
http://openwall.com/lists/oss-security/2011/03/09/1
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2011-0714 : Use-After-Free Vulnerability in Linux Kernel on Red Hat Enterprise Linux 6 | SecurityVulnerability.io