Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.

INFO

Published Date :

2024-05-01T05:18:39.096Z

Last Modified :

2025-11-03T21:54:07.063Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-26952 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-26952.

URL Resource
https://git.kernel.org/stable/c/0c5541b4c980626fa3cab16ba1a451757778bbb5 cve-icon cve-icon
https://git.kernel.org/stable/c/2dcda336b6e80b72d58d30d40f2fad9724e5fe63 cve-icon cve-icon
https://git.kernel.org/stable/c/39bdc4197acf2ed13269167ccf093ee28cfa2a4e cve-icon cve-icon
https://git.kernel.org/stable/c/480469f145e5abf83361e608734e421b7d99693d cve-icon cve-icon
https://git.kernel.org/stable/c/ad6480c9a5d884e2704adc51d69895d93339176c cve-icon cve-icon
https://git.kernel.org/stable/c/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024050127-CVE-2024-26952-7f65@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-26952 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-26952 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact