APPLIED: [PATCH 0/1][SRU][T] CVE-2018-1066 - CIFS denial of service

Khaled Elmously khalid.elmously at
Fri Dec 28 09:17:52 UTC 2018

On 2018-12-10 23:01:50, Tyler Hicks wrote:
>  The Linux kernel before version 4.11 is vulnerable to a NULL pointer
>  dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an
>  attacker controlling a CIFS server to kernel panic a client that has this
>  server mounted, because an empty TargetInfo field in an NTLMSSP setup
>  negotiation response is mishandled during session recovery.
>
> Clean cherry pick from linux-stable to Trusty. I tested the fix by modifying[1]
> the Samba server in a Bionic VM to trigger the crash in the Trusty kernel
> (client machine) when the Samba server is restarted. I was able to verify that
> the patched kernel allows the Trusty kernel to gracefully handle the server
> restart by noticing that the server is sending bad info.
>
> Tyler
> [1]
