linux/fs/smb/server/auth.c at v4l2_streams

mirror of https://github.com/raspberrypi/linux.git synced 2025-12-09 11:30:02 +00:00

Files

Namjae Jeon 4b081ce0d8 ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()

If authblob->SessionKey.Length is bigger than session key
size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes.
cifs_arc4_crypt copy to session key array from SessionKey from client.

Cc: stable@vger.kernel.org
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-21940
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

2023-08-29 12:30:20 -05:00

30 KiB

Raw Permalink Blame History

View Raw

30 KiB Raw Permalink Blame History

30 KiB

Raw Permalink Blame History