Linux.Kernel.SMB.Filesystem.smb_proc_read.Buffer.Overflow
Description
This indicates an attack attempt against a Buffer Overflow vulnerability in the Linux kernel.
The vulnerability is due to insufficient validation of the data length in certain SMB packages. Specially crafted SMB "Read" and "ReadAndX" responses can trigger a buffer overflow when the kernel copies the data to an allocated buffer.
Affected Products
Linux Kernel Project Linux Kernel 2.4.0 - 2.4.27
Linux Kernel Project Linux Kernel 2.6.x
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
http://kernel.org/pub/linux/kernel/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |