Out-of-Bounds Access in smb2_get_data_area_len in ksmbd
CVE-2024-22705 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.