VYPR
High severity7.1NVD Advisory· Published May 1, 2024· Updated Jun 17, 2026

CVE-2024-26954

CVE-2024-26954

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()

If ->NameOffset of smb2_create_req is smaller than Buffer offset of smb2_create_req, slab-out-of-bounds read can happen from smb2_open. This patch set the minimum value of the name offset to the buffer offset to validate name length of smb2_create_req().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.