Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 380477 (CVE-2011-3191) - Kernel: "CIFSFindNext()" Signedness Error Denial of Service Vulnerability (CVE-2011-3191)
Summary: Kernel: "CIFSFindNext()" Signedness Error Denial of Service Vulnerability (CV...
Alias: CVE-2011-3191
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
Depends on:
Reported: 2011-08-24 10:46 UTC by Agostino Sarubbo
Modified: 2018-04-04 17:35 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2011-08-24 10:46:34 UTC
From secunia security advisor ad $URL:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a signedness error within the "CIFSFindNext()" function (fs/cifs/cifssmb.c), which can be exploited to e.g. crash a client by sending specially crafted CIFS messages.

Successful exploitation requires that a malicious server is used.

Here is the patch:
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2012-06-02 14:16:53 UTC
CVE-2011-3191 (
  Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c
  in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial
  of service (memory corruption) or possibly have unspecified other impact via
  a large length value in a response to a read request for a directory.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2018-04-04 17:35:03 UTC
There are no longer any 2.x or <3.1 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.