|Date: (C)2007-11-09 (M)2017-10-04|
|CVSS Score: 6.8||Access Vector: ADJACENT_NETWORK|
|Exploitability Subscore: 3.2||Access Complexity: HIGH|
|Impact Subscore: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.