[SRU Focal,Jammy,OEM-6.1,Lunar,Mantic 0/1] CVE-2023-6606

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Wed Jan 3 12:12:39 UTC 2024


[Impact]
An out-of-bounds access in the cifs filesystem may lead to crashes or
information leaks.

[Test case]
A PoC from the kernel.org bugzilla was used and a different error message
was present in dmesg as expected:

[  518.358312] CIFS: VFS: checkSMB: can't read BCC due to invalid WordCount(240)

[Backport]
Clean cherry-pick on all kernels. For 5.15 and earlier kernels, the file
has been moved, hence the second patch version.

[Potential regression]
Failure to mount cifs or filesystem corruption on cifs mounts.

Paulo Alcantara (1):
  smb: client: fix OOB in smbCalcSize()

 fs/smb/client/misc.c | 4 ++++
 1 file changed, 4 insertions(+)

-- 
2.34.1
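
A user-space model of the length validation that the dmesg line in the test case points to, added here as an example; it is not the kernel patch and not code from this mail. It assumes the SMB1 wire layout (32-byte header, one-byte WordCount, WordCount 16-bit parameter words, then a 2-byte little-endian ByteCount); the function names and the sample frames are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fixed SMB1 header length, without the 4-byte transport length prefix. */
#define SMB1_HDR_LEN 32u

/* Hypothetical helper: returns 0 and stores the computed message size in
 * *size, or -1 when the frame is too short for what WordCount implies. */
int smb1_calc_size_checked(const uint8_t *buf, size_t total_read, size_t *size)
{
    if (total_read < SMB1_HDR_LEN + 1)
        return -1;                     /* the WordCount byte itself is missing */

    size_t wc = buf[SMB1_HDR_LEN];     /* number of 16-bit parameter words */
    size_t bcc_off = SMB1_HDR_LEN + 1 + 2 * wc; /* ByteCount follows them */

    if (total_read < bcc_off + 2) {    /* reading ByteCount would go out of bounds */
        fprintf(stderr, "can't read BCC due to invalid WordCount(%zu)\n", wc);
        return -1;
    }

    size_t bcc = (size_t)buf[bcc_off] | ((size_t)buf[bcc_off + 1] << 8);
    *size = bcc_off + 2 + bcc;         /* header + parameters + ByteCount + data */
    return 0;
}

/* Builds a constructed 64-byte frame (not captured traffic) and checks it. */
int demo_frame(uint8_t word_count, size_t total_read, size_t *size)
{
    uint8_t buf[64] = {0};
    size_t off = SMB1_HDR_LEN + 1 + 2u * word_count;

    memcpy(buf, "\xffSMB", 4);         /* SMB1 protocol marker */
    buf[SMB1_HDR_LEN] = word_count;
    if (off + 2 <= sizeof(buf))
        buf[off] = 3;                  /* ByteCount = 3 when it fits in the frame */
    return smb1_calc_size_checked(buf, total_read, size);
}

int main(void)
{
    size_t size = 0;
    int rc = demo_frame(2, 42, &size);
    printf("WordCount=2:   rc=%d size=%zu\n", rc, size);
    rc = demo_frame(240, 64, &size);
    printf("WordCount=240: rc=%d\n", rc);
    return 0;
}
```

With WordCount 240 the ByteCount field would sit 513 bytes into the frame, so a 64-byte read is rejected before any size is computed.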



