Upstream information

CVE-2011-1771 at MITRE

Description

The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.7
Vector AV:L/AC:M/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Note from the SUSE Security Team

This issue affects CIFS in kernels v2.6.37 and is not in backported code. So the issue only affected openSUSE 11.4 and no SUSE Linux Enterprise product.

SUSE Bugzilla entry: 692497 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.