CVE-2024-26811

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-26811
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26811.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26811
Downstream
Published
2024-04-08T10:02:18.184Z
Modified
2026-03-20T12:35:14.296794Z
Summary
ksmbd: validate payload size in ipc response
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate payload size in ipc response

If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size of ipc response from ksmbd.mountd to avoid memory overrun or slab-out-of-bounds. This patch validate 3 ipc response that has payload.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26811.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
88b7f1143b15b29cccb8392b4f38e75b7bb3e300
Fixed
51a6c2af9d20203ddeeaf73314ba8854b38d01bd
Fixed
a637fabac554270a851033f5ab402ecb90bc479c
Fixed
76af689a45aa44714b46d1a7de4ffdf851ded896
Fixed
a677ebd8ca2f2632ccdecbad7b87641274e15aac

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26811.json"