CVE-2024-26952

May 1, 2024, 1:02 p.m.

Product(s) Impacted

Linux kernel

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.

Weaknesses

Date

Published: May 1, 2024, 6:15 a.m.

Last Modified: May 1, 2024, 1:02 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

References

https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5

416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63

416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da

416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE-2024-26952

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

Share