Unrated severityNVD Advisory· Published Apr 12, 2010· Updated Apr 29, 2026

CVE-2010-1148

Description

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <=2.6.33.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.samba.org/archive/linux-cifs-client/2010-April/005741.htmlnvdMailing ListPatchThird Party Advisory
lists.samba.org/archive/linux-cifs-client/2010-April/005742.htmlnvdMailing ListPatchThird Party Advisory
lists.samba.org/archive/linux-cifs-client/2010-April/005746.htmlnvdMailing ListPatchThird Party Advisory
lists.samba.org/archive/linux-cifs-client/2010-April/005757.htmlnvdMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference/nvdExploitThird Party Advisory
marc.infonvdMailing ListThird Party Advisory
marc.infonvdMailing ListThird Party Advisory
openwall.com/lists/oss-security/2010/04/06/2nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/39186nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/57561nvdThird Party AdvisoryVDB Entry
secunia.com/advisories/39344nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000