Intrusion Prevention



This indicates an attack attempt against a Buffer Overflow vulnerability in the Linux kernel.
The vulnerability is due to insufficient validation of the data length in certain SMB packages. Specially crafted SMB "Read" and "ReadAndX" responses can trigger a buffer overflow when the kernel copies the data to an allocated buffer.

Affected Products

Linux Kernel Project Linux Kernel 2.4.0 - 2.4.27
Linux Kernel Project Linux Kernel 2.6.x


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.

CVE References