CVE-2011-1678

Description

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

How to fix CVE-2011-1678

To remediate CVE-2011-1678, upgrade the affected package to a fixed version below.

• Debian/cifs-utils—upgrade to 2:5.1-1 or later
• Debian/samba—upgrade to 2:3.4.7~dfsg-2 or later

Is CVE-2011-1678 being exploited?

Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 2:5.1-1
• from 0, < 2:3.4.7~dfsg-2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-1678