PublicDate: 2007-09-14 01:17:00 UTC
Candidate: CVE-2007-3740
References: 
 https://ubuntu.com/security/notices/USN-518-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3740
Description:
 The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension
 support is enabled, does not honor the umask of a process, which allows
 local users to gain privileges.
Ubuntu-Description: 
 It was discovered that certain CIFS filesystem actions did not honor the umask
 of a process. Local attackers could exploit this to gain additional privileges.
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 
upstream_linux-source-2.6.22: released (2.6.22)
upstream_linux-source-2.6.15: needed
upstream_linux-source-2.6.17: needed
upstream_linux-source-2.6.20: needed
dapper_linux-source-2.6.15: released (2.6.15-29.60)
edgy_linux-source-2.6.17: released (2.6.17.1-12.41)
feisty_linux-source-2.6.20: released (2.6.20-16.32)
devel_linux-source-2.6.22: released (2.6.22-12.39)