In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
The response buffer should be allocated in smb2_allocate_rsp_buf
before validating request. But the fields in payload as well as smb2 header
is used in smb2_allocate_rsp_buf(). This patch add simple buffer size
validation to avoid potencial out-of-bounds in request buffer.
Metrics
Affected Vendors & Products
References
History
Tue, 24 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-120 |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-01T05:26:51.773Z
Updated: 2024-12-19T08:50:39.612Z
Reserved: 2024-02-19T14:20:24.196Z
Link: CVE-2024-26936
Vulnrichment
Updated: 2024-08-02T00:21:05.890Z
NVD
Status : Awaiting Analysis
Published: 2024-05-01T06:15:08.833
Modified: 2024-11-21T09:03:25.637
Link: CVE-2024-26936
Redhat