[SRU][J][PATCH 0/1] CVE-2024-26952
Bethany Jamison
bethany.jamison at canonical.com
Wed Jun 26 21:14:26 UTC 2024
[Impact]
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
I found potencial out-of-bounds when buffer offset fields of a few requests
is invalid. This patch set the minimum value of buffer offset field to
->Buffer offset to validate buffer length.
[Fix]
Noble: released
Jammy: Backport - context conflicts from neighboring lines, shouldn't
affect the fix so I applied the fix changes as given
Focal: not affected
Bionic: not affected
Xenial: not affected
Trusty: not affected
[Test Case]
Compile and boot tested
[Where problems could occur]
This fix affects those who use the KSMBD server, an issue with this fix
would be visible to the user via unexpected system behavior or a system
crash.
Namjae Jeon (1):
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
fs/ksmbd/smb2misc.c | 22 +++++++++++++++------
fs/ksmbd/smb2pdu.c | 48 ++++++++++++++++++++++++---------------------
2 files changed, 42 insertions(+), 28 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list