7.8

CVE-2014-7145

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.6 < 3.10.55
LinuxLinux Kernel Version >= 3.11 < 3.12.29
LinuxLinux Kernel Version >= 3.13 < 3.14.19
LinuxLinux Kernel Version >= 3.15 < 3.16.3
CanonicalUbuntu Linux Version12.04 SwEditionlts
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.73% 0.884
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2015-0102.html
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3
Vendor Advisory
Release Notes
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce
http://www.openwall.com/lists/oss-security/2014/09/22/4
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/69867
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2394-1
Third Party Advisory
https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce
Patch
Issue Tracking