fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before
2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via
an SMB response packet with an invalid CountHigh value, as demonstrated by
a response from an OS/2 server, related to the CIFSSMBWrite and
Suresh Jayaraman discovered that CIFS did not correctly validate certain
response packats. A remote attacker could send specially crafted traffic
that would crash the system, leading to a denial of service.
Updated: 2016-01-26 17:36:29 UTC (commit 10507)