korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-13 14:24:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
c119f4ede3
linux/fs/smb
History
Namjae Jeon c119f4ede3 ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf 
If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size
validation could be skipped. if request size is smaller than
sizeof(struct smb2_query_info_req), slab-out-of-bounds read can happen in
smb2_allocate_rsp_buf(). This patch allocate response buffer after
decrypting transform request. smb3_decrypt_req() will validate transform
request size and avoid slab-out-of-bound in smb2_allocate_rsp_buf().

Reported-by: Norbert Szetei <norbert@doyensec.com>
Cc: stable@vger.kernel.org
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
2024-04-19 20:48:47 -05:00
..
client smb3: fix broken reconnect when password changing on the server by allowing password rotation 2024-04-11 16:03:48 -05:00
common smb311: additional compression flag defined in updated protocol spec 2024-03-20 11:49:44 -05:00
server ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf 2024-04-19 20:48:47 -05:00
Kconfig
Makefile