ksmbd: fix null pointer dereference in alloc_preauth_hash() (c8b5b7c5) · Commits · linux-arm / linux-cca

Commit c8b5b7c5 authored Apr 02, 2025 by Namjae Jeon Committed by Steve French Apr 01, 2025

ksmbd: fix null pointer dereference in alloc_preauth_hash()



The Client send malformed smb2 negotiate request. ksmbd return error
response. Subsequently, the client can send smb2 session setup even
thought conn->preauth_info is not allocated.
This patch add KSMBD_SESS_NEED_SETUP status of connection to ignore
session setup request if smb2 negotiate phase is not complete.

Cc: stable@vger.kernel.org
Tested-by: Steve French <stfrench@microsoft.com>
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-26505
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

parent bf21e29d

Hide whitespace changes

Inline Side-by-side

Please register or to comment