We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Bugpilot (Bug tracking)

Ok

THREATINT CVE Home CVE Diag Help
PUBLISHED

CVE-2024-26692

smb: Fix regression in writes when non-standard maximum write size negotiated

Reserved:2024-02-19
Published:2024-04-03
Updated:2024-04-03

Description

In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multiple of 4096 (similarly if the user overrides the maximum write size by setting mount parm "wsize", but sets it to a value that is not a multiple of 4096). When negotiated write size is not a multiple of 4096 the netfs code can skip the end of the final page when doing large sequential writes, causing data corruption. This section of code is being rewritten/removed due to a large netfs change, but until that point (ie for the 6.3 kernel until now) we can not support non-standard maximum write sizes. Add a warning if a user specifies a wsize on mount that is not a multiple of 4096 (and round down), also add a change where we round down the maximum write size if the server negotiates a value that is not a multiple of 4096 (we also have to check to make sure that we do not round it down to zero).

Product status

Default status
unaffected

d08089f649a0 before 4145ccff546e
affected

d08089f649a0 before 63c35afd50e2
affected

d08089f649a0 before 4860abb91f3d
affected

Default status
affected

6.3
affected

Any version before 6.3
unaffected

6.6.18
unaffected

6.7.6
unaffected

6.8
unaffected

References

https://git.kernel.org/stable/c/4145ccff546ea868428b3e0fe6818c6261b574a9

https://git.kernel.org/stable/c/63c35afd50e28b49c5b75542045a8c42b696dab9

https://git.kernel.org/stable/c/4860abb91f3d7fbaf8147d54782149bb1fc45892

cve.org CVE-2024-26692

nvd.nist.gov CVE-2024-26692

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26692