Hi everyone,
Reading:
https://<email address hidden>/T/
It seems the issue was introduced in
commit 33eae65c6f49770fec7a662935d4eb4a6406d24b Author: Paulo Alcantara <email address hidden> Date: Wed Dec 13 12:25:57 2023 -0300 Subject: smb: client: fix OOB in SMB2_query_info_init() Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=33eae65c6f49770fec7a662935d4eb4a6406d24b
this was indeed landed in 5.15.0-102-generic:
$ git log --grep "smb: client: fix OOB in SMB2_query_info_init()" origin/master-next commit ed30eac9715d0bd5512ee42ca8e8f340d2d9d2d5 ...
$ git describe --contains ed30eac9715d0bd5512ee42ca8e8f340d2d9d2d5 Ubuntu-5.15.0-102.112~472
The link mentions it is supposedly fixed in:
commit b5d623611c9cda84ebb5e5bd044587955eaf782f Author: Kees Cook <email address hidden> Date: Fri Feb 17 16:24:40 2023 -0800 Subject: smb3: Replace smb2pdu 1-element arrays with flex-arrays Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b5d623611c9cda84ebb5e5bd044587955eaf782f
Looking at the Jammy kernel tree:
$ git log --grep "smb3: Replace smb2pdu 1-element arrays with flex-arrays" origin/master-next commit b5d623611c9cda84ebb5e5bd044587955eaf782f
$ git describe --contains b5d623611c9cda84ebb5e5bd044587955eaf782f Ubuntu-5.15.0-104.114~23
It seems it is already applied and tagged in 5.15.0-104-generic. This seems to be built, but not quite in -proposed yet:
https://kernel.ubuntu.com/reports/kernel-stable-board/
I will write back as soon as 5.15.0-104-generic is in -proposed, with instructions on how to test it, and see if it fixes the issue.
Thanks, Matthew
Hi everyone,
Reading:
https://<email address hidden>/T/
It seems the issue was introduced in
commit 33eae65c6f49770 fec7a662935d4eb 4a6406d24b info_init( ) /git.kernel. org/pub/ scm/linux/ kernel/ git/torvalds/ linux.git/ commit/ ?id=33eae65c6f4 9770fec7a662935 d4eb4a6406d24b
Author: Paulo Alcantara <email address hidden>
Date: Wed Dec 13 12:25:57 2023 -0300
Subject: smb: client: fix OOB in SMB2_query_
Link: https:/
this was indeed landed in 5.15.0-102-generic:
$ git log --grep "smb: client: fix OOB in SMB2_query_ info_init( )" origin/master-next 5512ee42ca8e8f3 40d2d9d2d5
commit ed30eac9715d0bd
...
$ git describe --contains ed30eac9715d0bd 5512ee42ca8e8f3 40d2d9d2d5 5.15.0- 102.112~ 472
Ubuntu-
The link mentions it is supposedly fixed in:
commit b5d623611c9cda8 4ebb5e5bd044587 955eaf782f /git.kernel. org/pub/ scm/linux/ kernel/ git/torvalds/ linux.git/ commit/ ?id=b5d623611c9 cda84ebb5e5bd04 4587955eaf782f
Author: Kees Cook <email address hidden>
Date: Fri Feb 17 16:24:40 2023 -0800
Subject: smb3: Replace smb2pdu 1-element arrays with flex-arrays
Link: https:/
Looking at the Jammy kernel tree:
$ git log --grep "smb3: Replace smb2pdu 1-element arrays with flex-arrays" origin/master-next 4ebb5e5bd044587 955eaf782f
commit b5d623611c9cda8
$ git describe --contains b5d623611c9cda8 4ebb5e5bd044587 955eaf782f 5.15.0- 104.114~ 23
Ubuntu-
It seems it is already applied and tagged in 5.15.0-104-generic. This seems to be built, but not quite in -proposed yet:
https:/ /kernel. ubuntu. com/reports/ kernel- stable- board/
I will write back as soon as 5.15.0-104-generic is in -proposed, with instructions on how to test it, and see if it fixes the issue.
Thanks,
Matthew