Incorrect buffer length handling was found in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel, which could be exploited by malicious NCPFS servers to crash the kernel or possibly execute an arbitrary code. References: https://www.mail-archive.com/netdev@vger.kernel.org/msg223373.html A suggested fix: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?id=4c41aa24baa4ed338241d05494f2c595c885af8f
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1558698]
NCPFS is not enabled in Fedora any longer it is scheduled for removal from the upstream kernel.
Notes: See upstream commita 1bb8155080c6 and 5d8515bc2321: The networking IPX and the ncpfs filesystem are moved into the staging tree, as they are on their way out of the kernel due to lack of use anymore.