CVE-2011-1585

Published: 06 October 2011

The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.

From the Ubuntu security team

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 4ff67b720c02c36e54d55b88c2931879b7db1cd2
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by fc87a40677bbe0937e2ff0642c7e83c9a4813f3d
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 24e6cf92fde1f140d8eb0bf7cd24c2c78149b6b2
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.36~rc3)