Bug 253315 - CVE-2007-3843 CIFS signing sec= mount options don't work correctly
CVE-2007-3843 CIFS signing sec= mount options don't work correctly
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Jeff Layton
Martin Jenner
: Security
Depends On:
Blocks: CVE-2007-3843
  Show dependency treegraph
Reported: 2007-08-17 16:08 EDT by Marcel Holtmann
Modified: 2007-11-30 17:07 EST (History)
5 users (show)

See Also:
Fixed In Version: RHSA-2007-0705
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-09-13 05:13:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch -- upstream patch backported to 2.6.18 (4.17 KB, patch)
2007-08-28 08:16 EDT, Jeff Layton
no flags Details | Diff
patch -- fix signing mount options (4.19 KB, patch)
2007-08-28 09:51 EDT, Jeff Layton
no flags Details | Diff

  None (edit)
Description Marcel Holtmann 2007-08-17 16:08:10 EDT
email from Steve French:

CIFS code was changing the wrong global variable for signing (the old
one, used only by dead, soon to be removed, code in
fs/cifs/connect.c).  Eventually I need to test ntlm, ntlmv2 etc.
override on command line (with or without the "i" integrity checking
option ie ntlmi ... ntlm with signing etc.)
Comment 1 Jeff Layton 2007-08-28 08:16:27 EDT
Created attachment 176061 [details]
patch -- upstream patch backported to 2.6.18

The upstream patch applied fairly cleanly. Building test kernel with it now.
Comment 2 Jeff Layton 2007-08-28 09:51:27 EDT
Created attachment 176601 [details]
patch -- fix signing mount options

Previous patch didn't include the change to error out if the signing was
requested but the server didn't support it. This one does. I've given it some
basic unit testing and it works correctly.
Comment 3 Don Howard 2007-08-29 15:29:58 EDT
A patch for this issue has been included in build 2.6.18-8.1.9.
Comment 6 Red Hat Bugzilla 2007-09-13 05:13:27 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.