You are here

T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services

March 7, 2011 - 3:05pm

Addthis

PROBLEM:

Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services.

PLATFORM:

Linux Kernel 2.6.37 and prior versions

ABSTRACT:

A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions.

reference LINKS:

SecurityTracker Alert ID:1025162
Latest Stable Kernel
CVE-2011-1076

IMPACT ASSESSMENT:

High

Discussion:

When a DNS resolver key is instantiated with an error indication, a local user can attempt to read the key to trigger a null pointer dereference and cause a kernel crash. A local user can cause the target system to crash.

Solution:

The vendor has issued a source code fix, Linux Kernel Archives available at:
Latest Stable Kernel
 

Addthis