In the Linux kernel, the following vulnerability has been resolved:
smb: client: require a full NFS mode SID before reading mode bits
parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: require 3 sub-authorities before reading sub_auth[2]
parse_dacl() compares each ACE SID against sid_unix_NFS_mode and on
ma
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate inherited ACE SID length
smb_inherit_dacl() walks the parent directory DACL loaded from the
security descriptor xa
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: require minimum ACE size in smb_check_perm_dacl()
Both ACE-walk loops in smb_check_perm_dacl() only guard against an
under-
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()
smb_inherit_dacl() trusts the on-disk num_aces value from the p
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate the whole DACL before rewriting it in cifsacl
build_sec_desc() and id_mode_to_cifs_acl() derive a DACL point
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix incorrect validation for num_aces field of smb_acl
parse_dcal() validate num_aces to allocate posix_ace_state_array.
i
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Add check for next_buffer in receive_encrypted_standard()
Add check for the return value of cifs_buf_get() and cifs_s
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma()
This fixes the following problem:
[ 749.901015] [ T8673] run
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate dacloffset before building DACL pointers
parse_sec_desc(), build_sec_desc(), and the chown path in
id_mode_t
In the Linux kernel, the following vulnerability has been resolved:
smb: client: use kzalloc to zero-initialize security descriptor buffer
Commit 62e7dd0a39c2d ("smb: common: change the data type of
In the Linux kernel, the following vulnerability has been resolved:
nfs/localio: must clear res.replen in nfs_local_read_done
Otherwise memory corruption can occur due to NFSv3 LOCALIO reads
leaving
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out-of-bounds in parse_sec_desc()
If osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd
struct size.
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within
In the Linux kernel, the following vulnerability has been resolved:
NFSD: NFSv4 file creation neglects setting ACL
An NFSv4 client that sets an ACL with a named principal during file
creation retrie
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Add a check for attr_names and oatbl
Added out-of-bound checking for *ane (ATTR_NAME_ENTRY).
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix reference count leak in smb_check_perm_dacl()
The issue happens in a specific path in smb_check_perm_dacl(). When
"id"
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY)
Upon updating MAC security entity (SecY)
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix potential UAF in nfsd4_cb_getattr_release
Once we drop the delegation reference, the fields embedded in it are no
longer
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uncleared server->smbd_conn in reconnect
In smbd_destroy(), clear the server->smbd_conn pointer after freein
Page 1+ Next →