Linux Kernel NFS和EXT3组合远程拒绝服务漏洞

漏洞信息详情

Linux Kernel NFS和EXT3组合远程拒绝服务漏洞

• CNNVD编号：CNNVD-200607-334
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2006-3468
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2006-07-21
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-07-21
  
• 厂        商：
  
  linux
• 漏洞来源：
  James McKenzie dis…

Linux kernel 2.6.x同时使用NFS和EXT3时，远程攻击者可以借助包含指定错误文件句柄(inode编号)的V2查找程序的特制UDP包，触发错误并造成导出的目录被重新安装为只读，从而引起拒绝服务(文件系统恐慌)。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Linux kernel 2.6.10

Ubuntu ide-modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb

Ubuntu 5.10:

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.12/ide- modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb

Linux kernel 2.6.3

Mandriva kernel-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-2.6.3.35mdk-1-1mdk.x86_64.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-BOOT-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-BOOT-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-BOOT-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-BOOT-2.6.3.35mdk-1-1mdk.x86_64.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-enterprise-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-i586-up-1GB-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-i686-up-4GB-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-i686-up-4GB-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-p3-smp-64GB-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-secure-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-secure-2.6.3.35mdk-1-1mdk.x86_64.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-smp-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-smp-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-smp-2.6.3.35mdk-1-1mdk.i586.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-smp-2.6.3.35mdk-1-1mdk.x86_64.rpm

Corporate 3.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-source-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-source-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-source-stripped-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-source-stripped-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-xbox-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-xen0-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-xen0-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-xenU-2.6.12.25mdk-1-1mdk.i586.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

Mandriva kernel-xenU-2.6.12.25mdk-1-1mdk.x86_64.rpm

Mandriva Linux 2006.0:

http://wwwnew.mandriva.com/en/downloads

来源: MISC

链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172

来源: MISC

链接:http://lkml.org/lkml/2006/7/17/41

来源: UBUNTU

名称: USN-346-1

链接:http://www.ubuntu.com/usn/usn-346-1

来源: TRUSTIX

名称: 2006-0046

链接:http://www.trustix.org/errata/2006/0046/

来源: BID

名称: 19396

链接:http://www.securityfocus.com/bid/19396

来源: REDHAT

名称: RHSA-2006:0617

链接:http://www.redhat.com/support/errata/RHSA-2006-0617.html

来源: SUSE

名称: SUSE-SA:2006:064

链接:http://www.novell.com/linux/security/advisories/2006_64_kernel.html

来源: SUSE

名称: SUSE-SA:2006:057

链接:http://www.novell.com/linux/security/advisories/2006_57_kernel.html

来源: SUSE

名称: SUSE-SR:2006:022

链接:http://www.novell.com/linux/security/advisories/2006_22_sr.html

来源: SUSE

名称: SUSE-SR:2006:021

链接:http://www.novell.com/linux/security/advisories/2006_21_sr.html

来源: MANDRIVA

名称: MDKSA-2006:151

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:151

来源: MANDRIVA

名称: MDKSA-2006:150

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:150

来源: DEBIAN

名称: DSA-1184

链接:http://www.debian.org/security/2006/dsa-1184

来源: support.avaya.com

链接:http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm

来源: SECUNIA

名称: 22822

链接:http://secunia.com/advisories/22822

来源: SECUNIA

名称: 22174

链接:http://secunia.com/advisories/22174

来源: SECUNIA

名称: 22148

链接:http://secunia.com/advisories/22148

来源: SECUNIA

名称: 22093

链接:http://secunia.com/advisories/22093

来源: SECUNIA

名称: 21934

链接:http://secunia.com/advisories/21934

来源: SECUNIA

名称: 21847

链接:http://secunia.com/advisories/21847

来源: SECUNIA

名称: 21614

链接:http://secunia.com/advisories/21614

来源: SECUNIA

名称: 21605

链接:http://secunia.com/advisories/21605

来源: SECUNIA

名称: 21369

链接:http://secunia.com/advisories/21369

来源: MANDRIVA

名称: MDKSA-2006:151

链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:151

来源: MANDRIVA

名称: MDKSA-2006:150

链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:150