[CVE-2007-5904] Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier

Bug #162642 reported by Stephan Rügamer
258
Affects Status Importance Assigned to Milestone
linux-source-2.6.22 (Ubuntu)
Fix Released
High
Alessio Igor Bogani

Bug Description

Binary package hint: linux-source-2.6.22

Dear Colleagues,

from CVE:

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

Looks like that an explanation and fixes are
http://marc.info/?l=linux-kernel&m=119455843205403&w=2
and
http://marc.info/?l=linux-kernel&m=119457447724276&w=2

Regards,

\sh

CVE References

Revision history for this message
disabled.user (disabled.user-deactivatedaccount) wrote :
Changed in linux-source-2.6.22:
assignee: nobody → ubuntu-kernel-team
importance: Undecided → High
status: New → Triaged
Changed in linux-source-2.6.22:
assignee: ubuntu-kernel-team → timg-tpi
Revision history for this message
Tim Gardner (timg-tpi) wrote :

sfrench patch is not upstream, nor has it been back ported for the stable kernel series.

Changed in linux-source-2.6.22:
assignee: timg-tpi → abogani
status: Triaged → Fix Committed
Revision history for this message
Tim Gardner (timg-tpi) wrote :
Revision history for this message
Leann Ogasawara (leannogasawara) wrote :

Marking this "Fix Released" - http://www.ubuntu.com/usn/usn-618-1

Changed in linux-source-2.6.22:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.