]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d798fd9) | patch
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
authorNamjae Jeon <linkinjeon@kernel.org>
Mon, 18 Mar 2024 23:40:48 +0000 (08:40 +0900)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 2 May 2025 05:44:20 +0000 (07:44 +0200)
commit480469f145e5abf83361e608734e421b7d99693d
treed1d4e235a5f057793050a38250d234c0dac5479ftree
parentd798fd98e3563027c5162259ead517057d6fa794commit | diff
ksmbd: fix potencial out-of-bounds when buffer offset is invalid

commit c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da upstream.

I found potencial out-of-bounds when buffer offset fields of a few requests
is invalid. This patch set the minimum value of buffer offset field to
->Buffer offset to validate buffer length.

Cc: stable@vger.kernel.org
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Bin Lan <bin.lan.cn@windriver.com>
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/ksmbd/smb2misc.c diff | blob | blame | history
fs/ksmbd/smb2pdu.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git