LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

cifs-utils: /etc/mtab file corruption

Package(s):cifs-utils CVE #(s):CVE-2011-1678
Created:July 25, 2011 Updated:September 23, 2011
Description: From the CVE entry:

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Alerts:
Mandriva MDVSA-2011:148 2011-10-11
Ubuntu USN-1226-1 2011-10-04
Ubuntu USN-1226-2 2011-10-04
CentOS CESA-2011:1220 2011-09-22
CentOS CESA-2011:1219 2011-09-22
Scientific Linux SL-samb-20110829 2011-08-29
Scientific Linux SL-samb-20110829 2011-08-29
Scientific Linux SL-Samb-20110829 2011-08-29
CentOS CESA-2011:1219 2011-08-29
Red Hat RHSA-2011:1221-01 2011-08-29
Red Hat RHSA-2011:1220-01 2011-08-29
Red Hat RHSA-2011:1219-01 2011-08-29
Fedora FEDORA-2011-9269 2011-07-12
Oracle ELSA-2012-0313 2012-03-07
Gentoo 201206-22 2012-06-24
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds