CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()

🗓️ 01 May 2024 05:26:51Reported by LinuxType

CVE-2024-26936 ksmbd: request buffer size validatio

Reporter	Title	Published	Views	Family All 89
AstraLinux	Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15	3 May 202623:59	–	astralinux
BDU FSTEC	The vulnerability of the ksmbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.	19 Nov 202400:00	–	bdu_fstec
CNNVD	Linux kernel 安全漏洞	1 May 202400:00	–	cnnvd
CVE	CVE-2024-26936	1 May 202405:26	–	cve
Debian	[SECURITY] [DSA 5680-1] linux security update	6 May 202417:39	–	debian
Debian CVE	CVE-2024-26936	1 May 202405:26	–	debiancve
Tenable Nessus	Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update	6 May 202400:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2024-5.0-0274	24 Jul 202400:00	–	nessus
Tenable Nessus	TencentOS Server 4: kernel (TSSA-2024:0981)	16 Jun 202500:00	–	nessus
Tenable Nessus	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6893-1)	11 Jul 202400:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "8f3d0bf1d0c62b539d54c5b9108a845cff619b99",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "21ff9d7d223c5c19cb4334009e4c0c83a2f4d674",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "5c20b242d4fed73a93591e48bfd9772e2322fb11",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0626e6641f6b467447c81dd7678a69c66f7746cf",
        "lessThan": "17cf0c2794bdb6f39671265aa18aea5c22ee8c4a",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "5.15",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.15",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.159",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.88",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.29",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.8.8",
        "lessThanOrEqual": "6.8.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.9",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/5c20b242d4fed73a93591e48bfd9772e2322fb11
git	www.git.kernel.org/stable/c/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a
git	www.git.kernel.org/stable/c/8f3d0bf1d0c62b539d54c5b9108a845cff619b99
git	www.git.kernel.org/stable/c/2c27a64a2bc47d9bfc7c3cf8be14be53b1ee7cb6
git	www.git.kernel.org/stable/c/21ff9d7d223c5c19cb4334009e4c0c83a2f4d674

11 May 2026 20:07Current

7.7High risk

Vulners AI Score7.7

EPSS0.00234