oss-sec mailing list archives

CVE request: Linux kernel: cifs: NULL pointer dereference

From: P J P <ppandit () redhat com>
Date: Mon, 15 Apr 2013 19:26:50 +0530 (IST)

  Hello,

Linux kernel built with CIFS(CONFIG_CIFS) network file system support isvulnerable to a NULL pointer dereference flaw. It could occur during are-connection attempt.


A user/program could use this flaw to crash the system resulting in a DoS.

Upstream fix:
-------------
 -> https://git.kernel.org/linus/ea702b80e0bbb2448e201472127288beb82ca2fe

Reference:
----------
 -> https://bugzilla.redhat.com/show_bug.cgi?id=952260

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Current thread:

CVE request: Linux kernel: cifs: NULL pointer dereference P J P (Apr 15)
- Re: CVE request: Linux kernel: cifs: NULL pointer dereference cve-assign (Apr 28)