lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 19 Jun 2023 23:45:04 -0500
From:   Steve French <smfrench@...il.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        CIFS <linux-cifs@...r.kernel.org>,
        Namjae Jeon <linkinjeon@...nel.org>
Subject: [GIT PULL] ksmbd server fixes

Please pull the following changes since commit
858fd168a95c5b9669aac8db6c14a9aeab446375:

  Linux 6.4-rc6 (2023-06-11 14:35:30 -0700)

are available in the Git repository at:

  git://git.samba.org/ksmbd.git tags/6.4-rc6-smb3-server-fixes

for you to fetch changes up to 5005bcb4219156f1bf7587b185080ec1da08518e:

  ksmbd: validate session id and tree id in the compound request
(2023-06-16 21:04:51 -0500)

----------------------------------------------------------------
Four smb3 server fixes, all also for stable
- fix potential oops in parsing compounded requests
- fix various paths (mkdir, create etc) where mnt_want_write was not
checked first
- fix slab out of bounds in check_message and write
----------------------------------------------------------------
Namjae Jeon (4):
      ksmbd: validate command payload size
      ksmbd: add mnt_want_write to ksmbd vfs functions
      ksmbd: fix out-of-bound read in smb2_write
      ksmbd: validate session id and tree id in the compound request

 fs/smb/server/server.c    |  33 +++++++++++++---------
 fs/smb/server/smb2misc.c  |  33 +++++++++++++---------
 fs/smb/server/smb2pdu.c   |  70 ++++++++++++++++++++++++++++++++-------------
 fs/smb/server/smbacl.c    |  10 +++----
 fs/smb/server/vfs.c       | 117
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------
 fs/smb/server/vfs.h       |  17 ++++++-----
 fs/smb/server/vfs_cache.c |   2 +-
 7 files changed, 196 insertions(+), 86 deletions(-)

-- 
Thanks,

Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ