Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2024/05/01 7:34 p.m.26 views

CVE-2024-26980

A flaw was found in the Linux kernel's ksmbd module. Improper size validation can trigger an out-of-bounds read, resulting in a denial of service...

5.5CVSS8.1AI score0.00226EPSS
Exploits0References4
NVD
NVD
added 2024/05/01 6:15 a.m.13 views

CVE-2024-26980

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...

5.5CVSS7.4AI score0.00226EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/05/01 5:26 a.m.34 views

CVE-2024-26980 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...

6.8AI score0.00226EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/01 5:26 a.m.28 views

CVE-2024-26980 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...

7.6AI score0.00226EPSS
Exploits0References5
CVE
CVE
added 2024/05/01 5:26 a.m.2964 views

CVE-2024-26980

CVE-2024-26980 is confirmed with concrete technical details in connected Astra Linux bulletin: Linux kernel ksmbd slab-out-of-bounds in smb2_allocate_rsp_buf when SMB2_TRANSFORM_PROTO_NUM is used; an SMB2 request smaller than sizeof(struct smb2_query_info_req) could trigger a slab read before buf...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2024/05/01 5:26 a.m.7843 views

CVE-2024-26936

CVE-2024-26936 affects the Linux kernel component ksmbd. The issue arises because the response buffer is allocated in smb2_allocate_rsp_buf() only after validating the request, while the patch shows that fields in the payload and the SMB2 header are used within smb2_allocate_rsp_buf(), enabling a...

7.8CVSS6.6AI score0.00234EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/05/01 5:26 a.m.19 views

CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...

7.7AI score0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/05/01 5:26 a.m.16 views

CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/05/01 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not validating the request buffer size in the smb2allocaterspbuf function...

7.8CVSS6.8AI score0.00234EPSS
Exploits0References6
Rows per page
Query Builder