Published: 31 March 2015
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.
Launchpad, Ubuntu, Debian
|Ubuntu 16.04 ESM (Xenial Xerus)||
|Ubuntu 14.04 ESM (Trusty Tahr)||
(code not present)
|This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.|
pam_cifscreds was added in Xenial's 2:6.4-1ubuntu1.1 and pam_cifscreds was fixed upstream in 6.4