Vulnerability & Exploit Database

Back to search

Amazon Linux AMI: Security patch for kernel (ALAS-2011-26) (multiple CVEs)

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) May 24, 2012 February 28, 2014 June 21, 2018

Description

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

amazon-linux-upgrade-kernel

Related Vulnerabilities