8.1
CVE-2024-26952
- EPSS 0.81%
- Veröffentlicht 01.05.2024 06:15:11
- Zuletzt bearbeitet 03.11.2025 22:16:48
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.15 < 5.15.181
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.119
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.32
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.12
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.81% | 0.522 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5
https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63
https://git.kernel.org/stable/c/39bdc4197acf2ed13269167ccf093ee28cfa2a4e
https://git.kernel.org/stable/c/ad6480c9a5d884e2704adc51d69895d93339176c
https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da
https://git.kernel.org/stable/c/480469f145e5abf83361e608734e421b7d99693d
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html