HomeDefault status
unaffected
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 3813eee5154d6a4c5875cb4444cb2b63bac8947f
affected
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before c86211159bc3178b891e0d60e586a32c7b6a231b
affected
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 58a9c41064df27632e780c5a3ae3e0e4284957d1
affected
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 5fe7f7b78290638806211046a99f031ff26164e1
affected
Default status
affected
5.15
affected
Any version before 5.15
unaffected
5.15.121 (semver)
unaffected
6.1.36 (semver)
unaffected
6.3.10 (semver)
unaffected
6.4 (original_commit_for_fix)
unaffected
Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write.
Product status
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 3813eee5154d6a4c5875cb4444cb2b63bac8947f
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before c86211159bc3178b891e0d60e586a32c7b6a231b
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 58a9c41064df27632e780c5a3ae3e0e4284957d1
0626e6641f6b467447c81dd7678a69c66f7746cf (git) before 5fe7f7b78290638806211046a99f031ff26164e1
5.15
Any version before 5.15
5.15.121 (semver)
6.1.36 (semver)
6.3.10 (semver)
6.4 (original_commit_for_fix)
References
git.kernel.org/...c/3813eee5154d6a4c5875cb4444cb2b63bac8947f
git.kernel.org/...c/c86211159bc3178b891e0d60e586a32c7b6a231b
git.kernel.org/...c/58a9c41064df27632e780c5a3ae3e0e4284957d1
git.kernel.org/...c/5fe7f7b78290638806211046a99f031ff26164e1