PT-2024-3793 · Linux+4 · Linux Kernel+4

Lin Ma

·

Published

2024-01-25

·

Updated

2024-11-07

·

CVE-2024-26608

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0
Description The vulnerability is related to a global out-of-bounds read in the ksmbd nl policy function. This issue can be exploited to affect the confidentiality, integrity, and availability of protected information. The vulnerability was discovered by a local fuzzer and is similar to a previously reported issue. The bug trace shows a global-out-of-bounds read in the validate nla function and the nla validate parse function.
Recommendations To fix the vulnerability, add a placeholder named KSMBD EVENT MAX and let KSMBD EVENT MAX be its original value - 1 according to what other netlink families do. Also, change two sites that refer to the KSMBD EVENT MAX to the correct value.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2024-04146
CVE-2024-26608
OESA-2024-1498
OESA-2024-1499
OESA-2024-1500
OESA-2024-1501
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu