CVE-2003-0619

Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.

Published: Aug 27, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0619
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	-	2.4.21.x

http://marc.info/?l=bugtraq&m=105950927708272&w=2
http://www.debian.org/security/2004/dsa-358
http://www.redhat.com/support/errata/RHSA-2003-198.html
http://www.redhat.com/support/errata/RHSA-2003-239.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A386

Vulnerability Database

289,697

CVE-2003-0619