Launchpad CVE tracker

CVE 2009-1336

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function.

Related bugs and status

CVE-2009-1336 (Candidate) is related to these bugs:

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009040...
MLIST: [oss-security] 2009041...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://www.kernel.org/...
CONFIRM: https://bugzilla.redha...
DEBIAN: DSA-1794
SECTRACK: 1022176
SECUNIA: 35011
BID: 34390
REDHAT: RHSA-2009:0473
SECUNIA: 35015
REDHAT: RHSA-2009:1024
SECUNIA: 35160
REDHAT: RHSA-2009:1077
CONFIRM: http://www.vmware.com/...
SECUNIA: 37471
VUPEN: ADV-2009-3316
UBUNTU: USN-793-1
SECUNIA: 35656
SECUNIA: 35324
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20091120 VMSA-2009-001...

Launchpad.net

CVE 2009-1336

Related bugs and status

Related bugs

References