CVE-2011-1678
Published: 9 April 2011
smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
Notes
Author | Note |
---|---|
mdeslaur | we ship this suid by default, so this is medium hardy needs to get mtab lock file support backported http://git.samba.org/?p=samba.git;a=commit;h=32695912dd3ed7c02da68209328d630c89d395ba |
Priority
Status
Package | Release | Status |
---|---|---|
cifs-utils Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Released
(2:4.5-2ubuntu0.10.10.1)
|
|
natty |
Released
(2:4.5-2ubuntu0.11.04.1)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=f6eae44a3d05b6515a59651e6bed8b6dde689aec |
||
samba Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(3.0.28a-1ubuntu4.16)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(2:3.4.7~dfsg-1ubuntu3.8)
|
|
maverick |
Not vulnerable
(moved to cifs-utils)
|
|
natty |
Not vulnerable
(moved to cifs-utils)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=f6eae44a3d05b6515a59651e6bed8b6dde689aec |