Your submission was sent successfully! Close

CVE-2010-1148

Published: 12 April 2010

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-28.70)
intrepid Ignored
(was needed [reached end-of-life] now end-of-life)
jaunty
Released (2.6.28-19.61)
karmic
Released (2.6.31-22.60)
lucid
Released (2.6.32-22.35)
upstream
Released (2.6.35~rc1)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-55.84)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

upstream
Released (2.6.35~rc1)

Notes

AuthorNote
smb
Though by now this area of code has been modified again so the call
to posix open does not use that function anymore.

References