oss-sec mailing list archives

Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon


From: Moritz Muehlenhoff <jmm () debian org>
Date: Mon, 22 Sep 2014 18:00:21 +0200

On Mon, Sep 22, 2014 at 06:43:19PM +0530, P J P wrote:

   Hello Raphael,

+-- On Wed, 17 Sep 2014, Raphael Geissert wrote --+
| Commit 18f39e7b[1] of the linux kernel repository fixes a remote null
| pointer dereference on the client when it resolves DFS referrals but
| the server deletes the IPC$ share.

  IIUC, this would occur while mounting a remote share, right? mount(2) would 
be a privileged operation on the client.

True, but on Debian and derivatives like Ubuntu mount.cifs is usually setuid root.

Cheers,
        Moritz

