Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done.
Product status
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before 773fddf976d282ef059c36c575ddb81567acd6bc
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before bdaab5c6538e250a9654127e688ecbbeb6f771d5
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before eb0378dde086363046ed3d7db7f126fc3f76fd70
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before 8be498fcbd5b07272f560b45981d4b9e5a2ad885
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before 529b121b00a6ee3c88fb3c01b443b2b81f686d48
2ea086e35c3d726a3bacd0a971c1f02a50e98206 before 5282491fc49d5614ac6ddcd012e5743eecb6a67c
5.15
Any version before 5.15
5.15.194
6.1.154
6.6.108
6.12.49
6.16.9
6.17
References
git.kernel.org/...c/773fddf976d282ef059c36c575ddb81567acd6bc
git.kernel.org/...c/bdaab5c6538e250a9654127e688ecbbeb6f771d5
git.kernel.org/...c/eb0378dde086363046ed3d7db7f126fc3f76fd70
git.kernel.org/...c/8be498fcbd5b07272f560b45981d4b9e5a2ad885
git.kernel.org/...c/529b121b00a6ee3c88fb3c01b443b2b81f686d48
git.kernel.org/...c/5282491fc49d5614ac6ddcd012e5743eecb6a67c
