5.7 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:N/I:N/A:C
0.004 Low
EPSS
Percentile
74.4%
Use-after-free vulnerability in a certain Red Hat patch for the RPC server
sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise
Linux (RHEL) 6 might allow remote attackers to cause a denial of service
(crash) via malformed data in a packet, related to lockd and the
svc_xprt_received function.
Author | Note |
---|---|
mdeslaur | probably RH specific. Needs to be checked. |
apw | confirmed this bug only exists in a specific backport of b48fa6b9 which we have not so done on any Ubuntu kernel. |