| Revision Date: | 2013-08-24 | Version: | 1 | | Title: | CVE-2013-4247 on Ubuntu 12.04 LTS (precise) - low. | | Description: | Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length. Marcus Moeller and Ken Fallon discovered that the CIFS incorrectly built certain paths. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2013-4247
| | Platform(s): | Ubuntu 12.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 12.04 LTS (precise) is installed. AND Package Information
NOT While related to the CVE in some way, the 'linux' package in precise is not affected.
OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected.
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-lts-quantal' package in precise is not affected.
OR The 'linux-lts-raring' package in precise was vulnerable but has been fixed (note: '3.8.0-29.42~precise1').
OR NOT While related to the CVE in some way, the 'linux-lts-trusty' package in precise is not affected (note: '3.13.0-24.46~precise1').
OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
|
|