Bug 481356 (CVE-2013-4247) - Kernel : cifs: off-by-one bug in build_unc_path_to_root (CVE-2013-4247)
Alias: CVE-2013-4247
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Kernel Security
Reported: 2013-08-16 19:34 UTC by Agostino Sarubbo
Modified: 2022-03-25 15:31 UTC
Description Agostino Sarubbo gentoo-dev 2013-08-16 19:34:19 UTC
From ${URL} :


Linux kernel built with the Common Internet File System (CONFIG_CIFS) support 
along with a feature to access Distributed File Systems 
(CONFIG_CIFS_DFS_UPCALL), is vulnerable to a memory corruption flaw caused by 
writing one byte past an allocated memory area. It occurs while mounting a DFS 
share wherein the server provides DFS referral names of certain length. The 
memory corruption leads to an unresponsive kernel and subsequent crash 
resulting in Denial of Service.

A user/program able to mount a file system could use this flaw to crash the
kernel resulting in DoS.

Upstream fix:
-------------
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:08:51 UTC
CVE-2013-4247:
  Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c
  in the Linux kernel before 3.9.6 allows remote attackers to cause a denial
  of service (memory corruption and system crash) via a DFS share mount
  operation that triggers use of an unexpected DFS referral name length.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 15:31:53 UTC
Fix in 3.9.6 onwards
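
A triage check built from the two conditions this bug states (CIFS with DFS upcall support built in, kernel older than 3.9.6), as an added example that is not part of the bug report or of any Gentoo tooling. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage for CVE-2013-4247 from a kernel release string and a
# kernel config file. Function names and the sample config are constructed here.

FIXED_IN=3.9.6   # "Fix in 3.9.6 onwards" per this bug

# version_lt A B: true if release A (e.g. "3.9.5-gentoo") is older than B.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        sub(/[^0-9.].*/, "", a)            # drop local suffix: -gentoo, -rc1
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {         # missing fields compare as 0
            if ((x[i] + 0) < (y[i] + 0)) exit 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1                             # equal is not "older"
    }'
}

# config_enabled OPTION FILE: true if OPTION is built in (=y) or a module (=m).
config_enabled() {
    grep -Eq "^$1=(y|m)\$" "$2"
}

# cve_2013_4247_status RELEASE CONFIG_FILE: print one triage verdict.
cve_2013_4247_status() {
    if ! config_enabled CONFIG_CIFS "$2" ||
       ! config_enabled CONFIG_CIFS_DFS_UPCALL "$2"; then
        echo "not-exposed"          # the affected code path is not compiled
    elif version_lt "$1" "$FIXED_IN"; then
        # The bug gives no lower bound, and vendor kernels may backport the fix
        # without changing the version: treat this as "verify", not proof.
        echo "affected-by-version"
    else
        echo "fixed"
    fi
}

# Constructed sample config, not taken from a real system.
sample_config() {
    printf '%s\n' 'CONFIG_CIFS=m' '# CONFIG_CIFS_XATTR is not set' \
        'CONFIG_CIFS_DFS_UPCALL=y'
}

if [ "${1:-}" = "--live" ]; then   # usage: sh check.sh --live /usr/src/linux/.config
    cve_2013_4247_status "$(uname -r)" "$2"
fi
```

An "affected-by-version" verdict on a distribution kernel should be confirmed against the vendor changelog before it is acted on.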