CVE-2011-0714

Publication date 4 May 2011

Last updated 24 July 2024

Ubuntu priority

Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not in release
linux-ec2	11.04 natty	Not in release
	10.10 maverick	Ignored end of life
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-fsl-imx51	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-lts-backport-maverick	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-mvl-dove	11.04 natty	Not in release
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
linux-source-2.6.15	11.04 natty	Not in release
	10.10 maverick	Not in release
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected
linux-ti-omap4	11.04 natty	Not affected
	10.10 maverick	Not affected
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release

Notes

mdeslaur

probably RH specific. Needs to be checked.

apw

confirmed this bug only exists in a specific backport of b48fa6b9 which we have not so done on any Ubuntu kernel.

CVE-2011-0714

Status

Notes

mdeslaur

apw

References

Other references