3 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been fixed: ksmbd: Fixed an out-of-bounds write issue in smb2getea. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the memcpy operation, but the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Validated EaNameLength in smb2getea The smb2getea function reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length. However, it does not verify that the length of the...
PT-2026-36335
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the smb2 get ea function within the ksmbd module. The function applies 4-byte alignment padding using memset after writing each Extended Attribute EA...