QwikSec

Security Database

CVE

CWE

Training

CVE-2013-4247

Published: Aug 25, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=998401

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6

x_refsource_CONFIRM

[oss-security] 20130814 Re: CVE Request: Linux kernel: cifs: off-by-one bug in build_unc_path_to_root

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fc29bacedeabb278080e31bb9c1ecb49f143c3b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.