On Mon, 2011-03-28 at 17:36 +0800, Mi Jinlong wrote: > > dann frazier: > > Mi, > > We were wondering if you could help us define the security impact (if > > any) of your fix for nfsd4_op_flags, commit 5ece3ca upstream. If it > > does have a security impact, we can work with MITRE to get a CVE ID > > assigned. > > > > The problem just affect NFS4.1, I can't meet some security impact. I think the overlapping flag values may have caused a security flaw because the flags are involved in protocol validation and the overlap resulted in some flag tests succeeding where they should have failed. Judging by the comments on what these flags mean, it seems like this could cause at least a denial of service. But perhaps not. Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse.
Description: This is a digitally signed message part