Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:ksmbd: fix incorrect validation for num_aces field of smb_aclparse_dcal() validate num_aces to allocate posix_ace_state_array.if (num_aces > ULONG_MAX / sizeof(struct smb_ace *))It is an incorrect validation that we can create an array of size ULONG_MAX.smb_acl has ->size field to calculate actual number of aces in request buffersize. Use this to check invalid num_aces.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security