CVE-2024-57925

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix a missing return value check bug

In the smb2_send_interim_resp(), if ksmbd_alloc_work_struct() fails to allocate a node, it returns a NULL pointer to the in_work pointer. This can lead to an illegal memory write of in_work->response_buf when allocate_interim_rsp_buf() attempts to perform a kzalloc() on it.

To address this issue, incorporating a check for the return value of ksmbd_alloc_work_struct() ensures that the function returns immediately upon allocation failure, thereby preventing the aforementioned illegal memory access.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6f0207218c4c125f5bf32055ac4220b4ef3b7e67 < 781c743e18bfd9b7dc0383f036ae952bd1486f21affected
LinuxLinuxf8cf1ebb7de62c7d807707ce4abb69d483629263 < ee7e40f7fb17f08a8cbae50553e5c2e10ae32fceaffected
LinuxLinux041bba4414cda37d00063952c9bff9c3d5812a19 < 271ae0edbfc942795c162e6cf20d2bc02bd7fde4affected
LinuxLinux041bba4414cda37d00063952c9bff9c3d5812a19 < 2976e91a3e569cf2c92c9f71512c0ab1312fe965affected
LinuxLinux041bba4414cda37d00063952c9bff9c3d5812a19 < 4c16e1cadcbcaf3c82d5fc310fbd34d0f5d0db7caffected
LinuxLinux5.15.145 < 5.15.177affected
LinuxLinux6.1.71 < 6.1.125affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux5.15.177 <= 5.15.*unaffected
LinuxLinux6.1.125 <= 6.1.*unaffected
LinuxLinux6.6.72 <= 6.6.*unaffected
LinuxLinux6.12.10 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References