CVE-2011-3363

Priority
Description
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before
2.6.39 does not properly handle DFS referrals, which allows remote CIFS
servers to cause a denial of service (system crash) by placing a referral
at the root of a share.
Ubuntu-Description
Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had
no prefixpaths. A local attacker with access to a CIFS partition could
exploit this to crash the system, leading to a denial of service.
Notes
mdeslaurfrom oss-security: "If you have this, you might also want
cifs: add fallback in is_path_accessible for old servers
221d1d797202984cb874e3ed9f1388593d34ee22"
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
More Information

Updated: 2019-12-05 20:57:49 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)