CVE-2024-26954

Advisory lineage Upstream: 0 Downstream: 9

Downstream

DEBIAN-CVE-2024-26954 DLA-4008-1 DSA-5818-1 UBUNTU-CVE-2024-26954 USN-6816-1 USN-6817-1

Modified

Published: 01 May 2024, 05:18

Last modified:11 May 2026, 20:07

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

7.1 HIGH

v3.1 (nvd)

EPSS Score

<0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 May 2024, 05:18

Published

Vulnerability first disclosed

11 May 2026, 20:07

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() If ->NameOffset of smb2_create_req is smaller than Buffer offset of smb2_create_req, slab-out-of-bounds read can happen from smb2_open. This patch set the minimum value of the name offset to the buffer offset to validate name length of smb2_create_req().

CVSS Metrics

v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < d70c2e0904ab3715c5673fd45788a464a246d1db | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 9e4937cbc150f9d5a9b5576e1922ef0b5ed2eb72 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 3b8da67191e938a63d2736dabb4ac5d337e5de57 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < 4f97e6a9d62cb1fce82fbf4baff44b83221bc178 | ≥ 0626e6641f6b467447c81dd7678a69c66f7746cf, < a80a486d72e20bd12c335bcd38b6e6f19356b0aa | 5.15
linux•linux_kernel
≥ 5.15, < 6.1.119 | ≥ 6.2, < 6.7.12 | ≥ 6.8, < 6.8.3