Message ID | 20240205203402.28665-1-bethany.jamison@canonical.com |
---|---|
Series | CVE-2024-22705 |

On 05.02.24 21:34, Bethany Jamison wrote:
> [Impact]
>
> An issue was discovered in ksmbd in the Linux kernel before 6.6.10.
> smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an
> smb_strndup_from_utf16 out-of-bounds access because the relationship
> between Name data and CreateContexts data is mishandled.
>
> [Fix]
>
> Clean cherry-pick.

A short explanation why there are 2 patches both claiming to be cherry picks would help. Assuming this is a case where git does some context fixing by magic.

>
> [Test Case]
>
> Compile and boot test.
>
> [Regression Potential]
>
> Issues could occur when opening smb2.
>
> Namjae Jeon (1):
>   ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
>
>  fs/smb/server/smb2misc.c | 15 ++++++++++++---
>  1 file changed, 12 insertions(+), 3 deletions(-)
>

Acked-by: Stefan Bader <stefan.bader@canonical.com>


On 05-02-2024 21:34, Bethany Jamison wrote:
> [Impact]
>
> An issue was discovered in ksmbd in the Linux kernel before 6.6.10.
> smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an
> smb_strndup_from_utf16 out-of-bounds access because the relationship
> between Name data and CreateContexts data is mishandled.
>
> [Fix]
>
> Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot test.
>
> [Regression Potential]
>
> Issues could occur when opening smb2.
>
> Namjae Jeon (1):
>   ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
>
>  fs/smb/server/smb2misc.c | 15 ++++++++++++---
>  1 file changed, 12 insertions(+), 3 deletions(-)
>

Acked-by: Thibault Ferrante <thibault.ferrante@canonical.com>

--
Thibault


On 24/02/05 02:34PM, Bethany Jamison wrote:
> [Impact]
>
> An issue was discovered in ksmbd in the Linux kernel before 6.6.10.
> smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an
> smb_strndup_from_utf16 out-of-bounds access because the relationship
> between Name data and CreateContexts data is mishandled.
>
> [Fix]
>
> Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot test.
>
> [Regression Potential]
>
> Issues could occur when opening smb2.
>
> Namjae Jeon (1):
>   ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
>
>  fs/smb/server/smb2misc.c | 15 ++++++++++++---
>  1 file changed, 12 insertions(+), 3 deletions(-)

Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>


On 05/02/2024 21:34, Bethany Jamison wrote:
> [Impact]
>
> An issue was discovered in ksmbd in the Linux kernel before 6.6.10.
> smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an
> smb_strndup_from_utf16 out-of-bounds access because the relationship
> between Name data and CreateContexts data is mishandled.
>
> [Fix]
>
> Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot test.
>
> [Regression Potential]
>
> Issues could occur when opening smb2.
>
> Namjae Jeon (1):
>   ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
>
>  fs/smb/server/smb2misc.c | 15 ++++++++++++---
>  1 file changed, 12 insertions(+), 3 deletions(-)
>

Applied to mantic, jammy master-next branches. Thanks!