CVE-2024-26954

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-26954
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26954.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26954
Downstream
Published
2024-05-01T05:18:47.428Z
Modified
2026-05-07T04:17:40.744521Z
Summary
ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slab-out-of-bounds in smbstrndupfrom_utf16()

If ->NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name offset to the buffer offset to validate name length of smb2create_req().

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26954.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
d70c2e0904ab3715c5673fd45788a464a246d1db
Fixed
9e4937cbc150f9d5a9b5576e1922ef0b5ed2eb72
Fixed
3b8da67191e938a63d2736dabb4ac5d337e5de57
Fixed
4f97e6a9d62cb1fce82fbf4baff44b83221bc178
Fixed
a80a486d72e20bd12c335bcd38b6e6f19356b0aa

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26954.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.1.119
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.32
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.12
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26954.json"