3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
11.0%
smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append
to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp
file without first checking whether resource limits would interfere, which
allows local users to trigger corruption of the /etc/mtab file via a
process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Author | Note |
---|---|
mdeslaur | we ship this suid by default, so this is medium hardy needs to get mtab lock file support backported http://git.samba.org/?p=samba.git;a=commit;h=32695912dd3ed7c02da68209328d630c89d395ba |