Bug 952260 (CVE-2013-3302) - CVE-2013-3302 Kernel: cifs: NULL pointer dereference
Summary: CVE-2013-3302 Kernel: cifs: NULL pointer dereference
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2013-3302
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 904594
TreeView+ depends on / blocked
 
Reported: 2013-04-15 13:49 UTC by Prasad Pandit
Modified: 2021-02-17 07:49 UTC (History)
24 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-10 05:34:07 UTC
Embargoed:


Attachments (Terms of Use)

Description Prasad Pandit 2013-04-15 13:49:25 UTC
Linux kernels built with CIFS(CONFIG_CIFS) network file system support
are vulnerable to a NULL pointer dereference flaw. It could occur during a
reconnection attempt.

An unprivileged user/program could use this flaw to crash the system,
resulting in DoS.

Upstream fix:
-------------
 -> https://git.kernel.org/linus/ea702b80e0bbb2448e201472127288beb82ca2fe

Comment 1 Prasad Pandit 2013-04-15 13:52:24 UTC
Statement:

This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.


Note You need to log in before you can comment on or make changes to this bug.