On Sun, Feb 11, 2024 at 01:36:07AM +0530, Guruswamy Basavaiah wrote:
> Here are the two backported patches aimed at addressing a crash.
>
> Patch 1 fix validate offsets and lengths before dereferencing create
> contexts in smb2_parse_contexts().
>
> Patch 2 fix issue in patch 1.
>
> The original patches were authored by Paulo Alcantara <pc@xxxxxxxxxxxxx>.
> Original Patches:
> 1. af1689a9b770 ("smb: client: fix potential OOBs in smb2_parse_contexts()")
> 2. 76025cc2285d ("smb: client: fix parsing of SMB3.1.1 POSIX create context")
>
> Please review and consider applying these patches.
All now queued up.
And it looks like af1689a9b770 ("smb: client: fix potential OOBs in
smb2_parse_contexts()") should get a CVE assignment, right?
thanks,
greg k-h
