Описание
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
Ссылки
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- Release NotesThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
EPSS
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kerne ...
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.
ELSA-2011-2037: Unbreakable Enterprise kernel security and bug fix update (MODERATE)
EPSS
3.3 Low
CVSS2