CVE-2024-26952

May 1, 2024, 1:02 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5
https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63
https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da

Tags

2024-05-01
416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-26952

Date

  • Published: May 1, 2024, 6:15 a.m.
  • Last Modified: May 1, 2024, 1:02 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.