[v2.6] kernel: CIFS: possible null ptr dereference in SMB2_tcon (CVE-2014-7145)
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.
Linux-3.10.y is vulnerable in the current Alpine Linux releases v2.6 and v2.7. Alpine Linux v3.0 is not affected.
References:
CONFIRM: http://seclists.org/oss-sec/2014/q3/629
CONFIRM: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7145
COMMIT (upstream):
https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce
COMMIT (linux-3.10.y):
https://github.com/torvalds/linux/commit/c6bef3b64c1e605f4059189153de3251855846b9
(from redmine: issue id 3454, created on 2014-10-17, closed on 2017-09-05)
- Relations:
- parent #3453