
THREATINT
PUBLISHED

CVE-2024-56627

ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read



Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read

An offset from the client could be a negative value. It could lead to an out-of-bounds read from the stream_buf. Note that this issue occurs when setting the 'vfs objects = streams_xattr' parameter in ksmbd.conf.

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-09 | Assigner Linux

Product status

Default status: unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf before 6bd1bf0e8c42f10a9a9679a4c103a9032d30594d: affected
0626e6641f6b467447c81dd7678a69c66f7746cf before de4d790dcf53be41736239d7ee63849a16ff5d10: affected
0626e6641f6b467447c81dd7678a69c66f7746cf before 27de4295522e9a33e4a3fc72f7b8193df9eebe41: affected
0626e6641f6b467447c81dd7678a69c66f7746cf before 81eed631935f2c52cdaf6691c6d48e0b06e8ad73: affected
0626e6641f6b467447c81dd7678a69c66f7746cf before fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9: affected

Default status: affected

5.15: affected
Any version before 5.15: unaffected
5.15.176: unaffected
6.1.120: unaffected
6.6.66: unaffected
6.12.5: unaffected
6.13-rc2: unaffected

References

git.kernel.org/...c/6bd1bf0e8c42f10a9a9679a4c103a9032d30594d

git.kernel.org/...c/de4d790dcf53be41736239d7ee63849a16ff5d10

git.kernel.org/...c/27de4295522e9a33e4a3fc72f7b8193df9eebe41

git.kernel.org/...c/81eed631935f2c52cdaf6691c6d48e0b06e8ad73

git.kernel.org/...c/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9

cve.org (CVE-2024-56627)

nvd.nist.gov (CVE-2024-56627)
