PROBLEM:
Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services.
PLATFORM:
Linux Kernel 2.6.37 and prior versions
ABSTRACT:
A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions.
reference LINKS:
SecurityTracker Alert ID:1025162
Latest Stable Kernel
CVE-2011-1076
IMPACT ASSESSMENT:
High
Discussion:
When a DNS resolver key is instantiated with an error indication, a local user can attempt to read the key to trigger a null pointer dereference and cause a kernel crash. A local user can cause the target system to crash.
Solution:
The vendor has issued a source code fix, Linux Kernel Archives available at:
Latest Stable Kernel