In the Linux kernel, the following vulnerability has been...
High severity
Unreviewed
Published
May 1, 2024
to the GitHub Advisory Database
•
Updated Sep 18, 2025
Description
Published by the National Vulnerability Database
May 1, 2024
Published to the GitHub Advisory Database
May 1, 2024
Last updated
Sep 18, 2025
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
The response buffer should be allocated in smb2_allocate_rsp_buf
before validating request. But the fields in payload as well as smb2 header
is used in smb2_allocate_rsp_buf(). This patch add simple buffer size
validation to avoid potencial out-of-bounds in request buffer.
References