Unrated severityNVD Advisory· Published Apr 3, 2024· Updated May 4, 2025

smb: Fix regression in writes when non-standard maximum write size negotiated

CVE-2024-26692

Description

In the Linux kernel, the following vulnerability has been resolved:

The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a multiple of 4096 (similarly if the user overrides the maximum write size by setting mount parm "wsize", but sets it to a value that is not a multiple of 4096). When negotiated write size is not a multiple of 4096 the netfs code can skip the end of the final page when doing large sequential writes, causing data corruption.

This section of code is being rewritten/removed due to a large netfs change, but until that point (ie for the 6.3 kernel until now) we can not support non-standard maximum write sizes.

Add a warning if a user specifies a wsize on mount that is not a multiple of 4096 (and round down), also add a change where we round down the maximum write size if the server negotiates a value that is not a multiple of 4096 (we also have to check to make sure that we do not round it down to zero).

Affected products

osv-coords83 versions
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
< 5.14.21-150500.55.68.1+ 82 more
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 6.4.0-17.1.1.51
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 1-150600.13.3.7
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
Linux/Linuxcpe-rescue
Range: 6.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000