CVE-2014-7145

Published: Sep 28, 2014Modified: May 6, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

Affected (9)

Products: Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Workstation · Linux: Linux Kernel · Canonical: Ubuntu Linux

4 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Server

Enterprise Linux Workstation

1 product

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Hpc Node	Version 7.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Workstation	Version 7.0

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.11 to 3.12.29
Linux Linux Kernel	From 3.13 to 3.14.19
Linux Linux Kernel	From 3.15 to 3.16.3
Linux Linux Kernel	From 3.6 to 3.10.55

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04

Related CWEs

References (14)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2015-0102.html

Source: cve@mitre.org

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3

Source: cve@mitre.org

Release NotesVendor Advisory

http://www.openwall.com/lists/oss-security/2014/09/22/4

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/69867

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2394-1

Source: cve@mitre.org

Third Party Advisory

https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce

Source: cve@mitre.org

Issue TrackingPatch

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-0102.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://www.openwall.com/lists/oss-security/2014/09/22/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/69867

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-2394-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

Timeline

No history available yet.