From ${URL} : Hello, Linux kernel built with the Common Internet File System (CONFIG_CIFS) support along with a feature to access Distributed File Systems (CONFIG_CIFS_DFS_UPCALL), is vulnerable to a memory corruption flaw caused by writing one byte past an allocated memory area. It occurs while mounting a DFS share wherein the server provides DFS referral names of certain length. The memory corruption leads to an unresponsive kernel and subsequent crash resulting in Denial of Service. An user/program able to mount a file system could use this flaw to crash the kernel resulting in DoS. Upstream fix: - ------------- -> https://git.kernel.org/linus/1fc29bacedeabb278080e31bb9c1ecb49f143c3b
CVE-2013-4247 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4247): Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length.
Fix in 3.9.6 onwards
