Launchpad CVE tracker

CVE 2007-5904

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

Related bugs and status

CVE-2007-5904 (Candidate) is related to these bugs:

Bug #162642: [CVE-2007-5904] Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier

Summary				In	Importance	Status
	162642	[CVE-2007-5904] Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier		linux-source-2.6.22 (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 26438
SECUNIA: 27666
SUSE: SUSE-SA:2007:063
SUSE: SUSE-SA:2007:064
SECUNIA: 27888
SECUNIA: 27912
DEBIAN: DSA-1428
REDHAT: RHSA-2008:0089
CONFIRM: http://wiki.rpath.com/...
SECUNIA: 28826
CONFIRM: http://git.kernel.org/...
SUSE: SUSE-SA:2008:013
SECUNIA: 28643
SECUNIA: 29245
REDHAT: RHSA-2008:0167
SECUNIA: 29387
SECTRACK: 1019612
SUSE: SUSE-SA:2008:017
SECUNIA: 29570
SUSE: SUSE-SA:2008:030
SECUNIA: 30769
UBUNTU: USN-618-1
SECUNIA: 30818
VUPEN: ADV-2007-3860
MLIST: [linux-kernel] 2007110...
MLIST: [linux-kernel] 2007110...
XF: kernel-cifsvfs-sendrec...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080208 rPSA-2008-004...

Launchpad.net

CVE 2007-5904

Related bugs and status

Related bugs

References