CVE-2011-3363 (retired)

Priority
Description
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before
2.6.39 does not properly handle DFS referrals, which allows remote CIFS
servers to cause a denial of service (system crash) by placing a referral
at the root of a share.
Ubuntu-Description
Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had
no prefixpaths. A local attacker with access to a CIFS partition could
exploit this to crash the system, leading to a denial of service.
Notes
 mdeslaur> from oss-security: "If you have this, you might also want
 mdeslaur> cifs: add fallback in is_path_accessible for old servers
 mdeslaur> 221d1d797202984cb874e3ed9f1388593d34ee22"
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
Package
Upstream:released (2.6.39)
More Information

Updated: 2019-03-26 11:58:22 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)