Windows 2003 server automatically updated today (6/21/06) with the security update KB914389. After update was applied, mount.cifs running on linux 2.4 kernel no longer works. Without this update applied, mount.cifs works as expected.

cifs-1.20c-2.4.tar.gz
Linux Kernel 2.4.31

KB914389
Microsoft Security Bulletin MS06-030
Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
http://www.microsoft.com/technet/security/bulletin/MS06-030.mspx

Output from mount.cifs
----------------------
-bash-2.05b# mount.cifs //192.168.1.33/share /mnt/cifs -o user=administrator,password=xxxxx
mount error 22 = Invalid argument
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
I just applied this security update KB914389 to a Windows 2003 server and attempted a cifs mount from a SLES10 running 2.6.19 and cifs 1.46 and it succeeded.
Mar 1 09:15:03 fl01 kernel: SELinux: initialized (dev cifs, type cifs), uses genfs_contexts
Mar 1 09:31:49 fl01 kernel: CIFS VFS: Invalid size SMB length 4 pdu_length 32773
Mar 1 09:31:49 fl01 kernel: CIFS VFS: No response buffer
Mar 1 09:31:49 fl01 kernel: CIFS VFS: No response buffer
Mar 1 09:31:49 fl01 kernel: CIFS VFS: Send error in read = -11
Mar 1 09:31:49 fl01 kernel: CIFS VFS: Send error in read = -9
Mar 1 09:32:19 fl01 kernel: CIFS VFS: Invalid size SMB length 4 pdu_length 32773
Mar 1 09:32:20 fl01 kernel: CIFS VFS: No response buffer
Mar 1 09:32:20 fl01 kernel: CIFS VFS: Send error in read = -9
Mar 1 09:32:50 fl01 kernel: CIFS VFS: Invalid size SMB length 4 pdu_length 32773
Mar 1 09:32:50 fl01 kernel: CIFS VFS: No response buffer
Mar 1 09:32:50 fl01 kernel: CIFS VFS: Send error in read = -9
Mar 1 09:38:12 fl01 kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000
Mar 1 09:38:12 fl01 kernel: printing eip:
Mar 1 09:38:12 fl01 kernel: 00000000
Mar 1 09:38:12 fl01 kernel: *pde = 374a4001
Mar 1 09:38:12 fl01 kernel: Oops: 0010 [#1]
Mar 1 09:38:12 fl01 kernel: SMP
Mar 1 09:38:12 fl01 kernel: Modules linked in: nls_utf8 cifs md5 ipv6 autofs4 button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000(U) dm_snapshot dm_zero dm_mirror ext3 jbd dm_mod ata_piix libata sd_mod scsi_mod
Mar 1 09:38:12 fl01 kernel: CPU: 1
Mar 1 09:38:12 fl01 kernel: EIP: 0060:[<00000000>] Not tainted VLI
Mar 1 09:38:12 fl01 kernel: EFLAGS: 00010292 (2.6.9-34.0.1.ELsmp)
Mar 1 09:38:12 fl01 kernel: EIP is at 0x0
Mar 1 09:38:12 fl01 kernel: eax: fffffffc ebx: 0c803500 ecx: c21f5000 edx: 00000000
Mar 1 09:38:12 fl01 kernel: esi: 0a000000 edi: 00000000 ebp: 00000000 esp: f0d6f048
Mar 1 09:38:12 fl01 kernel: ds: 007b es: 007b ss: 0068
Mar 1 09:38:12 fl01 kernel: Process cifsd (pid: 22563, threadinfo=f0d6e000 task=ec3bf130)
Mar 1 09:38:12 fl01 kernel: Stack: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Mar 1 09:38:12 fl01 kernel: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Mar 1 09:38:12 fl01 kernel: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Mar 1 09:38:12 fl01 kernel: Call Trace:
Mar 1 09:38:12 fl01 kernel: =======================
Mar 1 09:38:12 fl01 kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000060
Mar 1 09:38:12 fl01 kernel: printing eip:
Mar 1 09:38:12 fl01 kernel: c0105cb4
Mar 1 09:38:12 fl01 kernel: *pde = 374a4001
Mar 1 09:38:12 fl01 kernel: Oops: 0000 [#2]
Mar 1 09:38:12 fl01 kernel: SMP
Mar 1 09:38:12 fl01 kernel: Modules linked in: nls_utf8 cifs md5 ipv6 autofs4 button battery ac uhci_hcd ehci_hcd hw_random shpchp e1000(U) dm_snapshot dm_zero dm_mirror ext3 jbd dm_mod ata_piix libata sd_mod scsi_mod
Mar 1 09:38:12 fl01 kernel: CPU: 1
Mar 1 09:38:12 fl01 kernel: EIP: 0060:[<c0105cb4>] Not tainted VLI
Mar 1 09:38:12 fl01 kernel: EFLAGS: 00010097 (2.6.9-34.0.1.ELsmp)
Mar 1 09:38:12 fl01 kernel: EIP is at show_trace+0x11/0x6b
Mar 1 09:38:12 fl01 kernel: eax: 00000ffd ebx: 00000060 ecx: f0d6eeb4 edx: c02dc41e
Mar 1 09:38:12 fl01 kernel: esi: 00000060 edi: 00000000 ebp: 00000068 esp: f0d6eeb4
Mar 1 09:38:12 fl01 kernel: ds: 007b es: 007b ss: 0068
Mar 1 09:38:12 fl01 kernel: Process cifsd (pid: 22563, threadinfo=f0d6e000 task=ec3bf130)
Mar 1 09:38:12 fl01 kernel: Stack: f0d6f0a8 00000018 00000000 c0105d81 c02dc448 f0d6f048 f0d6e000 f0d6f014
Mar 1 09:38:12 fl01 kernel: 00000000 c0105e80 c02dc54b 00000001 f0d6e000 f0d6f014 00000010 c02e3c52
Mar 1 09:38:12 fl01 kernel: c0106027 f0d6f014 c02e3c52 00000010 000000ff 0000000b c0122781 c02e3bb5
Mar 1 09:38:12 fl01 kernel: Call Trace:
Mar 1 09:38:12 fl01 kernel: [<c0105d81>] show_stack+0x73/0x79
Mar 1 09:38:12 fl01 kernel: [<c0105e80>] show_registers+0xe6/0x14d
Mar 1 09:38:12 fl01 kernel: [<c0106027>] die+0xdb/0x16b
Mar 1 09:38:12 fl01 kernel: [<c0122781>] vprintk+0x136/0x14a
Mar 1 09:38:12 fl01 kernel: [<c011ad21>] do_page_fault+0x0/0x5c6
Mar 1 09:38:12 fl01 kernel: [<c011b111>] do_page_fault+0x3f0/0x5c6
Mar 1 09:38:12 fl01 kernel: [<c01043d7>] copy_thread+0x29/0x239
Mar 1 09:38:12 fl01 kernel: [<c0121786>] copy_process+0x9be/0xafb
Mar 1 09:38:12 fl01 kernel: [<c01219af>] do_fork+0x8e/0x175
Mar 1 09:38:12 fl01 kernel: [<c0121a8c>] do_fork+0x16b/0x175
Mar 1 09:38:12 fl01 kernel: [<f8b31732>] cifs_demultiplex_thread+0x0/0x839 [cifs]
Mar 1 09:38:12 fl01 kernel: [<c0104265>] kernel_thread+0x6a/0x72
Mar 1 09:38:12 fl01 kernel: Code: 3c c0 e8 a4 7d 02 00 89 c3 89 f2 b8 44 1e 32 c0 e8 ad b7 1c 00 89 d8 5b 5e c3 57 56 53 89 d3 89 df 89 de 81 e7 00 f0 ff ff eb 34 <8b> 1e 83 c6 04 89 d8 e8 40 c2 02 00 85 c0 74 24 53 68 13 c4 2d
Mar 1 09:38:12 fl01 kernel: <0>Fatal exception: panic in 5 seconds
Is this still a problem? If so, can you please let us know the version of the cifs module you are using and a dump of the cifs module generated using the command objdump -drS?
Please reopen this if the problem recurs but we do not expect you to see this problem in any reasonably recent cifs build.