CVE-2013-4247

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.9.6

Description The issue is caused by an off-by-one error in the build unc path to root function in fs/cifs/connect.c, allowing remote attackers to cause a denial of service, resulting in memory corruption and system crash. This can be triggered via a DFS share mount operation that uses an unexpected DFS referral name length.

Recommendations For Linux kernel versions prior to 3.9.6, update to version 3.9.6 or later to resolve the issue. As a temporary workaround, consider restricting DFS share mount operations to minimize the risk of exploitation.