CVE-2024-26811
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size of ipc response from ksmbd.mountd to avoid memory overrun or slab-out-of-bounds. This patch validate 3 ipc response that has payload.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.01%• Percentile: 2%
Techniques & Countermeasures
- CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
Affected Systems
- linux•linux
≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 88b7f1143b15b29cccb8392b4f38e75b7bb3e300 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 51a6c2af9d20203ddeeaf73314ba8854b38d01bd | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < a637fabac554270a851033f5ab402ecb90bc479c | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 76af689a45aa44714b46d1a7de4ffdf851ded896 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < a677ebd8ca2f2632ccdecbad7b87641274e15aac | 5.15
- linux•linux_kernel
< 6.9 | 6.9 | 6.9:rc1 | 6.9:rc2
References (8)
- https://git.kernel.org/stable/c/88b7f1143b15b29cccb8392b4f38e75b7bb3e300
- https://git.kernel.org/stable/c/51a6c2af9d20203ddeeaf73314ba8854b38d01bd
- https://git.kernel.org/stable/c/a637fabac554270a851033f5ab402ecb90bc479c
- https://git.kernel.org/stable/c/76af689a45aa44714b46d1a7de4ffdf851ded896
- https://git.kernel.org/stable/c/a677ebd8ca2f2632ccdecbad7b87641274e15aac
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XCNJZBDMGJXRIKLGKM4RRJU4XCHPX62/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RO3RO34MLQ6WT3A7O6STQUVXW43N6W3K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG6L4FXO4WNWUM6W7USOH2YTRVWREM3V/