CVE-2004-0949
Published: 10 January 2005
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-29.58)
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Released
(2.6.17.1-12.40)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|