[CVE-2011-1585] cifs unpriveledged remount hole

Andy Whitcroft apw at canonical.com
Tue Oct 25 16:12:21 UTC 2011

	While a user has a CIFS share mounted that required successful
	authentication, a local, unprivileged user could mount that share
	without knowing the correct password if mount.cifs was setuid root.

Fixes for this issue have hit natty, and oneiric via mainline and
stable.  Following this email are three patch sets.  One for maverick
and maverick/ti-omap4, consisting of three cherry-picks from mainline.
Another for lucid and lucid/fsl-imx51, consisting of a simple backport
and two cherry-picks.  The last is for hardy, consisting of a single patch
reimplementing the CVE components of these commits.  The hardy patch has
been tested to ensure it does fix the CVE issue at hand.  Please review
it carefully.

Proposing for hardy, lucid, lucid/fsl-imx51, maverick and maverick/ti-omap4.


More information about the kernel-team mailing list