In the Linux kernel, the following vulnerability has been resolved:

smb: Fix regression in writes when non-standard maximum write size negotiated

The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multiple of 4096 (similarly if the user overrides the maximum write size by setting mount parm “wsize”, but sets it to a value that is not a multiple of 4096). When negotiated write size is not a multiple of 4096 the netfs code can skip the end of the final page when doing large sequential writes, causing data corruption.

This section of code is being rewritten/removed due to a large netfs change, but until that point (i.e. for the 6.3 kernel until now) we cannot support non-standard maximum write sizes.

Add a warning if a user specifies a wsize on mount that is not a multiple of 4096 (and round down), also add a change where we round down the maximum write size if the server negotiates a value that is not a multiple of 4096 (we also have to check to make sure that we do not round it down to zero).
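
A check an administrator can run against the description above: this added example (not part of the advisory or the kernel patch) scans `/proc/mounts`-style text for SMB mounts whose `wsize` is not a multiple of 4096 and reports the rounded-down value. The sample mount lines and host names are constructed, and falling back to one page when rounding would give zero is an assumption, since the description only says the result must not be zero.

```python
import re
import sys

PAGE = 4096  # granularity named in the advisory text

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = """\
//fs01.example/share /mnt/share cifs rw,relatime,vers=3.1.1,rsize=4194304,wsize=4194304 0 0
//fs02.example/data /mnt/data cifs rw,relatime,vers=3.0,rsize=65536,wsize=65000 0 0
//fs03.example/tiny /mnt/tiny smb3 rw,vers=3.1.1,wsize=1000 0 0
/dev/sda1 / ext4 rw,relatime 0 0
"""


def round_down_wsize(wsize, page=PAGE):
    """Round wsize down to a multiple of page, never returning zero.

    Assumption: when rounding would give zero, use a single page.
    """
    rounded = (wsize // page) * page
    return rounded if rounded else page


def audit_mounts(text):
    """Return (mountpoint, wsize, aligned_wsize) for each misaligned SMB mount."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        # Fields: device, mountpoint, fstype, options, dump, pass
        if len(fields) < 4 or fields[2] not in ("cifs", "smb3"):
            continue
        match = re.search(r"(?:^|,)wsize=(\d+)(?:,|$)", fields[3])
        if not match:
            continue
        wsize = int(match.group(1))
        if wsize % PAGE:
            findings.append((fields[1], wsize, round_down_wsize(wsize)))
    return findings


if __name__ == "__main__":
    # Pass /proc/mounts as the argument on a live host; default is the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MOUNTS
    for mountpoint, wsize, aligned in audit_mounts(text):
        print(f"{mountpoint}: wsize={wsize} is not a multiple of {PAGE}; "
              f"page-aligned value is {aligned}")
```

A reported mount matters only on a kernel in the affected range the description gives (6.3 up to the fix); remounting with a `wsize` that is a multiple of 4096 avoids the condition until a fixed kernel is installed.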

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-laptop | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-lowlatency | < any | UNKNOWN |

git.kernel.org/linus/4860abb91f3d7fbaf8147d54782149bb1fc45892 (6.8-rc5)
git.kernel.org/stable/c/4145ccff546ea868428b3e0fe6818c6261b574a9
git.kernel.org/stable/c/4860abb91f3d7fbaf8147d54782149bb1fc45892
git.kernel.org/stable/c/63c35afd50e28b49c5b75542045a8c42b696dab9
launchpad.net/bugs/cve/CVE-2024-26692
nvd.nist.gov/vuln/detail/CVE-2024-26692
security-tracker.debian.org/tracker/CVE-2024-26692
www.cve.org/CVERecord?id=CVE-2024-26692