CVE-2024-26828

MEDIUM

Linux Kernel 4.18-6.1.78, 6.2-6.6.17, 6.7-6.7.5 - Integer Underflow in CIFS Server Interface Parser

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "bytes_left" is type ssize_t while sizeof() is type size_t. That means that because of type promotion, the comparison is done as an unsigned and if we have negative bytes left the loop continues instead of ending.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/7190353835b4a219abb70f90b06cdcae97f11512

Patch

https://git.kernel.org/stable/c/f7ff1c89fb6e9610d2b01c1821727729e6609308

Patch

https://git.kernel.org/stable/c/df2af9fdbc4ddde18a3371c4ca1a86596e8be301

Patch

https://git.kernel.org/stable/c/cffe487026be13eaf37ea28b783d9638ab147204

Scores

CVSS v3 6.7

EPSS 0.0041

EPSS Percentile 32.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-191

Status published

Products (15)

linux/Kernel 4.18.0 - 6.1.79linux

linux/Kernel 6.2.0 - 6.6.18linux

linux/Kernel 6.7.0 - 6.7.6linux

Linux/Linux < 4.18

Linux/Linux 4.18

Linux/Linux 6.1.79 - 6.1.*

Linux/Linux 6.6.18 - 6.6.*

Linux/Linux 6.7.6 - 6.7.*

Linux/Linux 6.8

Linux/Linux fe856be475f7cf5ffcde57341d175ce9fd09434b - 7190353835b4a219abb70f90b06cdcae97f11512

... and 5 more

Published Apr 17, 2024

Tracked Since Feb 18, 2026