[PATCH 0/3] ksmbd: some potential bugfixes

Next message: Greg Kroah-Hartman: "[PATCH 2/3] ksmbd: require 3 sub-authorities before reading sub_auth[2]"
Previous message: Greg Kroah-Hartman: "[PATCH 1/3] ksmbd: validate EaNameLength in smb2_get_ea()"
Next in thread: Greg Kroah-Hartman: "[PATCH 1/3] ksmbd: validate EaNameLength in smb2_get_ea()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Greg Kroah-Hartman

Date: Mon Apr 06 2026 - 09:47:33 EST

I spent the time exercising some new fuzzing tools on the ksmbd and smb
code purely because it's something that is simple to set up and test
locally with virtual machines, and in doing so, potentially found some
minor problems for when you have an "untrusted" client.

Here's some fixes for what I happened to notice. They pass my very
limited testing here, but please don't trust them at all and verify that
I'm not just making this all up before accepting them.

thanks!

greg k-h

Greg Kroah-Hartman (3):
ksmbd: validate EaNameLength in smb2_get_ea()
ksmbd: require 3 sub-authorities before reading sub_auth[2]
ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc

fs/smb/server/connection.c | 1 +
fs/smb/server/smb2pdu.c | 7 ++++++-
fs/smb/server/smbacl.c | 3 ++-
3 files changed, 9 insertions(+), 2 deletions(-)

--
2.53.0