Bug 726691 (CVE-2011-2724)
Summary: | CVE-2011-2724 samba, cifs-utils: mount.cifs incorrect fix for CVE-2010-0547 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | azelinka, gdeschner, jlayton, prc, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-08-30 07:25:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 722551, 722552, 722553, 722555, 722556, 725508, 725509, 726717 | ||
Bug Blocks: |
Description
Jan Lieskovsky
2011-07-29 13:51:11 UTC
This issue affects the versions of the samba package, as shipped with Red Hat Enterprise Linux 4 and 5. -- This issue affects the version of the samba3x-package, as shipped with Red Hat Enterprise Linux 5. -- This issue affects affects the version of the cifs-utils package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the cifs-utils package, as shipped with Fedora release of 14 and 15. The CVE identifier of CVE-2011-2724 has been assigned to this issue. Created cifs-utils tracking bugs for this issue Affects: fedora-all [bug 726717] (In reply to comment #0) > Originally the CVE-2010-0547 identifier has been assigned by Common > Vulnerabilities and Exposures to the following security issue: CVE-2010-0547 was previously tracked via bug #562156. > This bug in original CVE-2010-0547 fix (not to propagate the error properly) > caused mount.cifs command on specially-crafted mount point (containing newline > character) still to succeed and potentially, to corrupt mtab table on the > systems, where CVE-2010-0296 glibc fix was not applied yet. The glibc fix for CVE-2010-0296 is already available for Red Hat Enterprise Linux 5 and 6, see also bug #562156, comment #5. > Proposed upstream patch by Jeff Layton: > [1] http://thread.gmane.org/gmane.linux.kernel.cifs/3827 Committed upstream as: http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=1e7a32924b22d1f786b6f490ce8590656f578f91 (In reply to comment #1) > This issue affects the versions of the samba package, as shipped with Red Hat > Enterprise Linux 4 and 5. Those packages are rather affected by the original CVE-2010-0547, as the incomplete fix was never released for those packages. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2011:1220 https://rhn.redhat.com/errata/RHSA-2011-1220.html This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:1221 https://rhn.redhat.com/errata/RHSA-2011-1221.html |