[SRU][N][PATCH 0/1] CVE-2024-56627
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Sat Feb 15 16:24:25 UTC 2025
[Impact]
ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
An offset from client could be a negative value. It could lead
to an out-of-bounds read from the stream_buf.
Note that this issue is coming when setting
'vfs objects = streams_xattr parameter' in ksmbd.conf.
[Fix]
Oracular: Fixed via upstream stable updates (LP: #2096827)
Noble: Cherry picked from mainline
Jammy: Fixed via upstream stable updates (LP: #2095327)
Focal: Not affected
[Test case]
Compile tested only.
[Where problems could occur]
A regression here is unlikely due to the very limited scope of the
patch.
Jordy Zomer (1):
ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
fs/smb/server/smb2pdu.c | 4 ++++
1 file changed, 4 insertions(+)
--
2.43.0
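
Added example, not part of the original message or of the kernel patch: a simplified userspace C model of why a negative offset gets past a length check that only tests the upper bound, next to a read that rejects it first. The function names, the buffer layout and the shape of the upper-bound-only check are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <sys/types.h>

/* The client supplies the offset as a 64-bit wire field. Stored in a signed
 * type, any value with the top bit set is seen as negative. */
static int64_t offset_from_wire(uint64_t wire)
{
    return (int64_t)wire;
}

/* Upper-bound-only check (assumed shape): returns how many bytes a read at
 * pos would copy. For pos < 0, "v_len <= pos" is false and v_len - pos is
 * larger than v_len, so count is never clamped. No memory is touched here. */
static int64_t count_upper_bound_only(int64_t v_len, int64_t pos, int64_t count)
{
    if (v_len <= pos)
        return -EINVAL;
    if (v_len - pos < count)
        count = v_len - pos;
    return count;
}

/* Hardened read: reject a negative offset before any arithmetic uses it,
 * then clamp the copy length to what is left in the stream buffer. */
static ssize_t stream_read_checked(const char *stream_buf, size_t v_len,
                                   int64_t pos, char *out, size_t count)
{
    if (pos < 0)
        return -EINVAL;
    if ((uint64_t)pos >= v_len)
        return -EINVAL;
    if (v_len - (size_t)pos < count)
        count = v_len - (size_t)pos;
    memcpy(out, stream_buf + pos, count);
    return (ssize_t)count;
}
```
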