CVE-2024-26936
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
The response buffer should be allocated in smb2_allocate_rsp_buf before validating request. But the fields in payload as well as smb2 header is used in smb2_allocate_rsp_buf(). This patch add simple buffer size validation to avoid potencial out-of-bounds in request buffer.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 8f3d0bf1d0c62b539d54c5b9108a845cff619b99 | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 21ff9d7d223c5c19cb4334009e4c0c83a2f4d674 | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 5c20b242d4fed73a93591e48bfd9772e2322fb11 | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6 | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 17cf0c2794bdb6f39671265aa18aea5c22ee8c4a | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.15.159 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.88 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.29 <= 6.6.* | unaffected |
| Linux | Linux | 6.8.8 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/8f3d0bf1d0c62b539d54c5b9108a845cff619b99
- https://git.kernel.org/stable/c/21ff9d7d223c5c19cb4334009e4c0c83a2f4d674
- https://git.kernel.org/stable/c/5c20b242d4fed73a93591e48bfd9772e2322fb11
- https://git.kernel.org/stable/c/2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6
- https://git.kernel.org/stable/c/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a
References
- https://git.kernel.org/stable/c/8f3d0bf1d0c62b539d54c5b9108a845cff619b99
- https://git.kernel.org/stable/c/21ff9d7d223c5c19cb4334009e4c0c83a2f4d674
- https://git.kernel.org/stable/c/5c20b242d4fed73a93591e48bfd9772e2322fb11
- https://git.kernel.org/stable/c/2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6
- https://git.kernel.org/stable/c/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.