oss-sec mailing list archives

Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount

From: Josh Bressers <bressers () redhat com>
Date: Wed, 14 Sep 2011 14:51:28 -0400 (EDT)

Please use CVE-2011-3363 for this.

Thanks.

-- 
    JB


----- Original Message -----

"Currently, we skip doing the is_path_accessible check in cifs_mount
if
there is no prefixpath. There is a report of at least one server
however
that allows a TREE_CONNECT to a share that has a DFS referral at its
root. UNC that had no prefixpath was used in that case, so the
is_path_accessible check was not triggered and the box later hit
a BUG() because we were chasing a DFS referral on the root dentry for
the mount."

Upstream fix:
70945643722ffeac779d2529a348f99567fa5c33

References:
https://bugzilla.redhat.com/show_bug.cgi?id=682829
https://github.com/mirrors/linux/commit/70945643722ffeac779d2529a348f99567fa5c33

Thanks,
--
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount Petr Matousek (Sep 14)
- Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount Josh Bressers (Sep 14)
  - Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount akuster (Sep 23)
    - Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount Eugene Teo (Sep 25)