Wind River Support Network

HomeDefectsLIN5-18196
Fixed

LIN5-18196 : Security Advisory - nfs-utils. - CVE-2011-1749

Created: Mar 2, 2014    Updated: Dec 19, 2017
Resolved Date: Mar 10, 2014
Found In Version: 5.0.1.13
Fix Version: 5.0.1.13
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1749

Other Downloads


Live chat
Online