ksmbd: fix out of bounds read in smb2_sess_setup
mainline inclusion from mainline-v6.5-rc1 commit 98422bdd category: bugfix bugzilla: 189112, https://gitee.com/openeuler/kernel/issues/I7SVRC CVE: CVE-2023-3867 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=98422bdd4cb3ca4d08844046f6507d7ec2c2b8d8 ---------------------------------------------------------------------- ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first payload in the smb2_sess_setup(). Cc: stable@vger.kernel.org Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-21355 Signed-off-by:Namjae Jeon <linkinjeon@kernel.org> Signed-off-by:
Loading
Please sign in to comment