Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:ksmbd: prevent out-of-bounds stream writes by validating *posksmbd_vfs_stream_write() did not validate whether the write offset(*pos) was within the bounds of the existing stream data length (v_len).If *pos was greater than or equal to v_len, this could lead to anout-of-bounds memory write.This patch adds a check to ensure *pos is less than v_len beforeproceeding. If the condition fails, -EINVAL is returned.
No PoCs from references.
- https://github.com/w4zu/Debian_security