{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2007-3843","title":"Title"},{"category":"description","text":"The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2007-3843","url":"https://www.suse.com/security/cve/CVE-2007-3843"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 329790 for CVE-2007-3843","url":"https://bugzilla.suse.com/329790"},{"category":"external","summary":"Advisory link for SUSE-SA:2007:064","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LWDYM2DRKK74E2FKLECQRBPN343QVMVR/#LWDYM2DRKK74E2FKLECQRBPN343QVMVR"},{"category":"external","summary":"Advisory link for SUSE-SA:2008:006","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EDEHGIEHVK773WKKVVPFKGUZEFSHZ5X7/#EDEHGIEHVK773WKKVVPFKGUZEFSHZ5X7"}],"title":"SUSE CVE CVE-2007-3843","tracking":{"current_release_date":"2025-07-03T00:35:16Z","generator":{"date":"2023-02-15T06:11:24Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2007-3843","initial_release_date":"2023-02-15T06:11:24Z","revision_history":[{"date":"2023-02-15T06:11:24Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:18:27Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:40:27Z","number":"4","summary":"Current version"},{"date":"2025-06-26T05:58:22Z","number":"5","summary":"Current version"},{"date":"2025-07-03T00:35:16Z","number":"6","summary":"Current version"}],"status":"interim","version":"6"}}}