CVE: CAN-2003-0619
Updated: Tue, 06 Jul 2004 14:29:40 +0900
Summary: Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. (text:DSA-358-4)
Priority: High
Status: Closed
Source: DSA-358-4, RHSA-2003:172-27, LKML
Link:
  http://cert.uni-stuttgart.de/archive/vuln-dev/2003/07/msg00053.html
  http://www.ultramonkey.org/news_archive.shtml#2003060500
  http://www.ultramonkey.org/news_archive.shtml#2003102300
  http://www.ultramonkey.org/news_archive.shtml#2003080601
Resolved In:
  Kernel: 2.4.21-pre3
  Patch: http://linux.bkbits.net:8080/linux-2.4/cset@1.1019.3.3??nav=index.html
  Red Hat Linux 7.3:
    Vendor: kernel-2.4.20-13.7
    UltraMonkey: kernel-2.4.20-18.7.um.1
  Red Hat Linux 8.0:
    Vendor: kernel-2.4.20-13.8
    UltraMonkey: kernel-2.4.20-18.8.um.1
  Red Hat Linux 9:
    Vendor: kernel-2.4.20-13.9
    UltraMonkey: kernel-2.4.20-20.9.um.1
  Fedora Core 1:
    Vendor: Not Vulnerable (>=2.4.21-pre3)
    UltraMonkey: Not Vulnerable (>=2.4.21-pre3)
  Red Hat Enterprise Linux 3:
    Vendor: Not Vulnerable (>=2.4.21-pre3)
    UltraMonkey: Not Vulnerable (>=2.4.21-pre3)
  Debian Woody:
    Vendor: kernel-source-2.4.18_2.4.18-10
    UltraMonkey: kernel-source-2.4.20_2.4.20-11
  Debian Sid:
    Vendor: kernel-source-2.4.20_2.4.20-10
    UltraMonkey: kernel-source-2.4.20_2.4.20-11