[CVE-2007-5904] Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier
Bug #162642 reported by Stephan Rügamer
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux-source-2.6.22 (Ubuntu) | Fix Released | High | Alessio Igor Bogani |
Bug Description
Binary package hint: linux-source-2.6.22
Dear Colleagues,
from CVE:
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
It looks like an explanation and fixes are at
http://
and
http://
Regards,
\sh
CVE References
Changed in linux-source-2.6.22:
assignee: nobody → ubuntu-kernel-team
importance: Undecided → High
status: New → Triaged

Changed in linux-source-2.6.22:
assignee: ubuntu-kernel-team → timg-tpi

Changed in linux-source-2.6.22:
assignee: timg-tpi → abogani
status: Triaged → Fix Committed
See also: git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commit;h=133672efbc1085f9af990bdc145e1822ea93bcf3
http://
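
The overflow class named in the CVE text in the bug description (a long SMB response copied into a fixed-size buffer), shown from the defensive side as an added example; this is not the kernel's SendReceive code or the fix from the commit linked above. The function names, buffer sizes and the 4-byte length prefix (one type byte plus a 3-byte big-endian length) are assumptions for illustration, and the frames are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 4u /* assumed framing: type byte + 3-byte big-endian length */

/* Length the peer claims for the message that follows the header. */
static uint32_t claimed_len(const uint8_t *frame)
{
    return ((uint32_t)frame[1] << 16) | ((uint32_t)frame[2] << 8) | frame[3];
}

/* Copy one received frame (header + message) into a buffer of out_cap bytes.
 * Returns the number of bytes copied, or -1 if the frame is rejected.
 * The peer-controlled length is checked against both what actually arrived
 * and the destination capacity before any copy happens. */
static long copy_response(uint8_t *out, size_t out_cap,
                          const uint8_t *frame, size_t received)
{
    uint32_t len;
    if (received < HDR_LEN)
        return -1;                       /* header itself is truncated */
    len = claimed_len(frame);
    if (len > received - HDR_LEN)
        return -1;                       /* claims more than arrived */
    if ((size_t)len + HDR_LEN > out_cap)
        return -1;                       /* would overrun the destination */
    memcpy(out, frame, (size_t)len + HDR_LEN);
    return (long)(len + HDR_LEN);
}

/* Hypothetical helper: build a constructed frame claiming `claimed` bytes,
 * of which `received` bytes (header included) arrived; copy into out_cap. */
static long demo(uint32_t claimed, size_t received, size_t out_cap)
{
    uint8_t frame[256] = {0}, out[64];
    if (received > sizeof frame || out_cap > sizeof out)
        return -2;                       /* outside this demo's bounds */
    frame[1] = (uint8_t)(claimed >> 16);
    frame[2] = (uint8_t)(claimed >> 8);
    frame[3] = (uint8_t)claimed;
    return copy_response(out, out_cap, frame, received);
}

int main(void)
{
    printf("fits: %ld\n", demo(8, 12, 16));
    printf("too long for buffer: %ld\n", demo(64, 68, 16));
    printf("claims more than received: %ld\n", demo(64, 12, 64));
    return 0;
}
```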