Bug#743984: kfreebsd-9: CVE-2014-1453: nfsserver denial of service
Package: src:kfreebsd-9
Version: 9.0-10+deb70.6
Severity: grave
Tags: security upstream
Control: found -1 kfreebsd-9/9.0-10
The new NFS server implementation, used by default in the kernel of
FreeBSD 9.0 and later, is vulnerable to denial of service (deadlock) by
authorised NFS clients.
http://security.FreeBSD.org/advisories/FreeBSD-SA-14:05.nfsserver.asc
kfreebsd-10 is also affected.
kfreebsd-8 (squeeze and wheezy) may have vulnerable code present, but
the new NFS implementation isn't the one used there by default.
Reply to: