[CVE-2011-1585] cifs unpriveledged remount hole
apw at canonical.com
Tue Oct 25 16:12:21 UTC 2011
While a user has a CIFS share mounted that required successful
authentication, a local, unprivileged user could mount that share
without knowing the correct password if mount.cifs was setuid root.
Fixes for this issue have hit natty, and oneiric via mainline and
stable. Following this email are three patch sets. One for maverick
and maverick/ti-omap4, consisting of three cherry-picks from mainline.
Another for lucid and lucid/fsl-imx51, consisting of a simple backport
and two cherry-picks. The last is for hardy, consisting of a single patch
reimplementing the CVE components of these commits. The hardy patch has
been tested to ensure it does fix the CVE issue at hand. Please review
Proposing for hardy, lucid, lucid/fsl-imx51, maverick and maverick/ti-omap4.
More information about the kernel-team