| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Dec 2023 19:35:59 -0600
From: Steve French <smfrench@...il.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Paulo Alcantara <pc@...guebit.com>, Robert Morris <rtm@...il.mit.edu>,
CIFS <linux-cifs@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] four smb3 client fixes
Please pull the following changes since commit
a39b6ac3781d46ba18193c9dbb2110f31e9bffe9:
Linux 6.7-rc5 (2023-12-10 14:33:40 -0800)
are available in the Git repository at:
git://git.samba.org/sfrench/cifs-2.6.git tags/6.7-rc5-smb3-client-fixes
for you to fetch changes up to 3a42709fa909e22b0be4bb1e2795aa04ada732a3:
smb: client: fix OOB in smb2_query_reparse_point() (2023-12-11 12:30:39 -0600)
----------------------------------------------------------------
Four import client fixes addressing potential overflows, all marked
for stable as well
- address OOBs and null dereference found by Dr. Morris's recent
analysis and fuzzing
----------------------------------------------------------------
Paulo Alcantara (4):
smb: client: fix OOB in receive_encrypted_standard()
smb: client: fix potential OOBs in smb2_parse_contexts()
smb: client: fix NULL deref in asn1_ber_decoder()
smb: client: fix OOB in smb2_query_reparse_point()
fs/smb/client/cached_dir.c | 17 +++++++---
fs/smb/client/smb2misc.c | 26 ++++++---------
fs/smb/client/smb2ops.c | 40 +++++++++++++----------
fs/smb/client/smb2pdu.c | 93
++++++++++++++++++++++++++++++++----------------------
fs/smb/client/smb2proto.h | 12 ++++---
5 files changed, 109 insertions(+), 79 deletions(-)
--
Thanks,
Steve
Powered by blists - more mailing lists