CVE-2004-0949

Publication date 10 January 2005

Last updated 24 July 2024

Ubuntu priority

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux-source-2.6.15	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-29.58
linux-source-2.6.17	7.04 feisty	Not in release
	6.10 edgy	Fixed 2.6.17.1-12.40
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-30-1
Linux kernel vulnerabilities
19 November 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0949