PublicDate: 2007-11-09 18:46:00 UTC
Candidate: CVE-2007-5904
References:
 https://ubuntu.com/security/notices/USN-618-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5904
Description:
 Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier
 allow remote attackers to cause a denial of service (crash) and possibly
 execute arbitrary code via long SMB responses that trigger the overflows
 in the SendReceive function.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.edge.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/162642
Priority: medium
Discovered-by:
Assigned-to: kees
CVSS:

upstream_linux-source-2.6.15: needs-triage
dapper_linux-source-2.6.15: released (2.6.15-52.67)
edgy_linux-source-2.6.15: DNE
feisty_linux-source-2.6.15: DNE
gutsy_linux-source-2.6.15: DNE

upstream_linux-source-2.6.17: needs-triage
dapper_linux-source-2.6.17: DNE
edgy_linux-source-2.6.17: ignored (EOL)
feisty_linux-source-2.6.17: DNE
gutsy_linux-source-2.6.17: DNE

upstream_linux-source-2.6.20: needs-triage
dapper_linux-source-2.6.20: DNE
edgy_linux-source-2.6.20: DNE
feisty_linux-source-2.6.20: released (2.6.20-17.36)
gutsy_linux-source-2.6.20: DNE

upstream_linux-source-2.6.22: needs-triage
dapper_linux-source-2.6.22: DNE
edgy_linux-source-2.6.22: DNE
feisty_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: released (2.6.22-15.54)

upstream_linux: released (2.6.23)
hardy_linux: not-affected (2.6.24-4.7)
devel_linux: not-affected (2.6.24-4.7)