Veracode Vulnerability DatabaseVERACODE:23705Denial Of Service (DoS)
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
kernel isvulnerable to denial of service (DoS). The vulnerability exists as several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share.
References
blog.fefe.de/?ts=b72905a8
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b363b3304bcf68c4541683b2eff70b29f0446a5b
lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
lists.samba.org/archive/linux-cifs-client/2009-April/004322.html
secunia.com/advisories/34981
secunia.com/advisories/35011
secunia.com/advisories/35120
secunia.com/advisories/35121
secunia.com/advisories/35185
secunia.com/advisories/35217
secunia.com/advisories/35226
secunia.com/advisories/35343
secunia.com/advisories/35387
secunia.com/advisories/35390
secunia.com/advisories/35394
secunia.com/advisories/35656
secunia.com/advisories/37471
wiki.rpath.com/Advisories:rPSA-2009-0084
www.debian.org/security/2009/dsa-1787
www.debian.org/security/2009/dsa-1794
www.debian.org/security/2009/dsa-1800
www.openwall.com/lists/oss-security/2009/04/04/1
www.openwall.com/lists/oss-security/2009/04/07/3
www.openwall.com/lists/oss-security/2009/04/07/7
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1081.html
www.securityfocus.com/archive/1/503610/100/0/threaded
www.securityfocus.com/archive/1/507985/100/0/threaded
www.securityfocus.com/bid/34453
www.ubuntu.com/usn/usn-793-1
www.vmware.com/security/advisories/VMSA-2009-0016.html
www.vupen.com/english/advisories/2009/3316
xorl.wordpress.com/2009/04/07/linux-kernel-tree-connect-cifs-remote-buffer-overflow/
access.redhat.com/errata/RHSA-2009:1106
bugzilla.novell.com/show_bug.cgi?id=492282
bugzilla.redhat.com/show_bug.cgi?id=494275
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10321
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8265
www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.html
www.redhat.com/archives/fedora-package-announce/2009-May/msg01271.html
Related
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C