Submission + - Linux CIFS vulnerability discovered (h-online.com)
jnetsurfer writes: A vulnerability in the CIFS client in the Linux Kernel code makes it possible for a manipulated SMB server to cause users systems to crash or be compromised. The problem is caused by a buffer in the CIFSTCon function in fs/cifs/connect.c file being too small. This function is used when the server responds to a connection request for a resource, known as a Tree Connect.