Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-7145

Опубликовано: 17 авг. 2014
Источник: redhat
CVSS2: 4.6
EPSS Низкий

Описание

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

A NULL pointer dereference flaw was found in the way the Linux kernel's Common Internet File System (CIFS) implementation handled mounting of file system shares. A remote attacker could use this flaw to crash a client system that would mount a file system share from a malicious server.

Отчет

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected
Red Hat Enterprise Linux 7kernelFixedRHSA-2015:010228.01.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1147522Kernel: cifs: NULL pointer dereference in SMB2_tcon

EPSS

Процентиль: 78%
0.01212
Низкий

4.6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-7145

ubuntu
больше 10 лет назад

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

nvd логотип

CVE-2014-7145

nvd
больше 10 лет назад

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

debian логотип

CVE-2014-7145

debian
больше 10 лет назад

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before ...

github логотип

GHSA-pcv5-8q8x-qqfx

github
около 3 лет назад

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

oracle-oval логотип

ELSA-2015-3003

oracle-oval
больше 10 лет назад

ELSA-2015-3003: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)

EPSS

Процентиль: 78%
0.01212
Низкий

4.6 Medium

CVSS2