CVE-2024-26811

Published: Apr 8, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size of ipc response from ksmbd.mountd to avoid memory overrun or slab-out-of-bounds. This patch validate 3 ipc response that has payload.

Vendor	Product	Versions
Linux	Linux	affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 88b7f1143b15b29cccb8392b4f38e75b7bb3e300` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 51a6c2af9d20203ddeeaf73314ba8854b38d01bd` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < a637fabac554270a851033f5ab402ecb90bc479c` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 76af689a45aa44714b46d1a7de4ffdf851ded896` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < a677ebd8ca2f2632ccdecbad7b87641274e15aac`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.157 - <= 5.15.` unaffected `6.1.85 - <= 6.1.` unaffected `6.6.26 - <= 6.6.*` +2 more versions

References

https://git.kernel.org/stable/c/88b7f1143b15b29cccb8392b4f38e75b7bb3e300

https://git.kernel.org/stable/c/51a6c2af9d20203ddeeaf73314ba8854b38d01bd

https://git.kernel.org/stable/c/a637fabac554270a851033f5ab402ecb90bc479c

https://git.kernel.org/stable/c/76af689a45aa44714b46d1a7de4ffdf851ded896

https://git.kernel.org/stable/c/a677ebd8ca2f2632ccdecbad7b87641274e15aac

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-26811

Description

Affected Products

References