Wind River Support Network


LIN5-18196 : Security Advisory - nfs-utils. - CVE-2011-1749

Created: Mar 2, 2014    Updated: Dec 19, 2017
Resolved Date: Mar 10, 2014
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Other Downloads

Live chat