NACK/Cmnt: [SRU][Jammy][PATCH 0/1] CVE-2023-38431
Stefan Bader
stefan.bader at canonical.com
Fri Mar 1 08:39:25 UTC 2024
On 25.01.24 22:44, Bethany Jamison wrote:
> [Impact]
>
> An issue was discovered in the Linux kernel before 6.3.8.
> fs/smb/server/connection.c in ksmbd does not validate the relationship
> between the NetBIOS header's length field and the SMB header sizes, via
> pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
>
> [Fix]
>
> The fix commit implemented function smb2_get_msg which wasn't defined
> in Jammy - the function was very simple so I added it without issue.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Regression Potential]
>
> Issues could occur with packets between NetBIOS and SMB.
>
> Namjae Jeon (1):
> ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
>
> fs/ksmbd/connection.c | 12 ++++++++++++
> fs/ksmbd/smb2pdu.h | 9 +++++++++
> 2 files changed, 21 insertions(+)
>
Rejected for the following reasons:
- there are doubts about correctness of this patch
- no feedback was given to address those concerns
Please re-submit when needed (but make then sure to address the concerns
in some comment).
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240301/2d4a46c7/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240301/2d4a46c7/attachment-0001.sig>
More information about the kernel-team
mailing list