9 matches found
CVE-2024-26980
A flaw was found in the Linux kernel's ksmbd module. Improper size validation can trigger an out-of-bounds read, resulting in a denial of service...
CVE-2024-26980
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...
CVE-2024-26980 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...
CVE-2024-26980 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...
CVE-2024-26980
CVE-2024-26980 is confirmed with concrete technical details in connected Astra Linux bulletin: Linux kernel ksmbd slab-out-of-bounds in smb2_allocate_rsp_buf when SMB2_TRANSFORM_PROTO_NUM is used; an SMB2 request smaller than sizeof(struct smb2_query_info_req) could trigger a slab read before buf...
CVE-2024-26936
CVE-2024-26936 affects the Linux kernel component ksmbd. The issue arises because the response buffer is allocated in smb2_allocate_rsp_buf() only after validating the request, while the patch shows that fields in the payload and the SMB2 header are used within smb2_allocate_rsp_buf(), enabling a...
CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not validating the request buffer size in the smb2allocaterspbuf function...