| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH2r5mtkVvPyT0qvZbNwwKSmsXtryStiE6bGGn_mK=E3V_waEw@mail.gmail.com> Date: Mon, 31 Mar 2025 17:48:52 -0500 From: Steve French <smfrench@...il.com> To: Roman Smirnov <r.smirnov@....ru> Cc: Steve French <sfrench@...ba.org>, Paulo Alcantara <pc@...guebit.com>, Ronnie Sahlberg <ronniesahlberg@...il.com>, Shyam Prasad N <sprasad@...rosoft.com>, Tom Talpey <tom@...pey.com>, Bharath SM <bharathsm@...rosoft.com>, Sachin Prabhu <sprabhu@...hat.com>, Shirish Pargaonkar <shirishpargaonkar@...il.com>, linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org Subject: Re: [PATCH 0/2] cifs: fix integer overflow in match_server() Merged into cifs-2.6.git for-next On Mon, Mar 31, 2025 at 3:23 AM Roman Smirnov <r.smirnov@....ru> wrote: > > If a large number is written to echo_interval during mount, > an integer overflow may occur in match_server(): > > smb3_fs_context_parse_param() > > cifs_smb3_do_mount() > sget() > cifs_match_super() > match_server() > > Found by Linux Verification Center (linuxtesting.org) with Svace. > > Roman Smirnov (2): > cifs: fix integer overflow in match_server() > cifs: remove unreachable code in cifs_get_tcp_session() > > fs/smb/client/connect.c | 6 +----- > fs/smb/client/fs_context.c | 5 +++++ > 2 files changed, 6 insertions(+), 5 deletions(-) > > -- > 2.34.1 > > -- Thanks, Steve
Powered by blists - more mailing lists