In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2_allocate_rsp_buf() The response buffer should be allocated in smb2_allocate_rsp_buf before validating request. But the fields in payload as well as smb2 header is used in smb2_allocate_rsp_buf(). This patch add simple buffer size validation to avoid potencial out-of-bounds in request buffer.
History

Tue, 24 Sep 2024 19:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-01T05:26:51.773Z

Updated: 2024-12-19T08:50:39.612Z

Reserved: 2024-02-19T14:20:24.196Z

Link: CVE-2024-26936

cve-icon Vulnrichment

Updated: 2024-08-02T00:21:05.890Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-01T06:15:08.833

Modified: 2024-11-21T09:03:25.637

Link: CVE-2024-26936

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-26936 - Bugzilla