Commit c622e096 authored by Paulo Alcantara's avatar Paulo Alcantara Committed by ZhaoLong Wang
Browse files

smb: client: fix OOB in receive_encrypted_standard() 

stable inclusion
from stable-v6.6.8
commit 534733397da26de0303057ce0b93a22bda150365
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I8WEOK
CVE: CVE-2024-0565

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=534733397da26de0303057ce0b93a22bda150365



--------------------------------

commit eec04ea119691e65227a97ce53c0da6b9b74b0b7 upstream.

Fix potential OOB in receive_encrypted_standard() if server returned a
large shdr->NextCommand that would end up writing off the end of
@next_buffer.

Fixes: b24df3e3 ("cifs: update receive_encrypted_standard to handle compounded responses")
Cc: stable@vger.kernel.org
Reported-by: default avatarRobert Morris <rtm@csail.mit.edu>
Signed-off-by: default avatarPaulo Alcantara (SUSE) <pc@manguebit.com>
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarZhaoLong Wang <wangzhaolong1@huawei.com>
parent 806899e4
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment