Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-of-bounds read from the stream_buf. Note that this issue is coming when setting 'vfs objects = streams_xattr parameter' in ksmbd.conf.

INFO

Published Date :

2024-12-27T14:51:29.854Z

Last Modified :

2025-11-03T20:51:16.745Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-56627 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-56627.

URL Resource
https://git.kernel.org/stable/c/27de4295522e9a33e4a3fc72f7b8193df9eebe41 cve-icon cve-icon
https://git.kernel.org/stable/c/6bd1bf0e8c42f10a9a9679a4c103a9032d30594d cve-icon cve-icon
https://git.kernel.org/stable/c/81eed631935f2c52cdaf6691c6d48e0b06e8ad73 cve-icon cve-icon
https://git.kernel.org/stable/c/de4d790dcf53be41736239d7ee63849a16ff5d10 cve-icon cve-icon
https://git.kernel.org/stable/c/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024122712-CVE-2024-56627-f398@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-56627 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-56627 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact