[PATCH OLK-5.10 0/4] fix three CVEs by backport mainline patchs

19 Jul 2023


      mainline patch f5c779b7ddbda("ksmbd: fix racy issue from session setup and
logoff") It fixes three CVEs:
CVE-2023-32250
 CVE-2023-32252
 CVE-2023-32257
In order to successfully apply the patch, we chose to incorporate the
related pre-installed bugfix patch.
Colin Ian King (1):
  ksmbd: Fix spelling mistake "excceed" -> "exceeded"
Dawei Li (1):
  ksmbd: Implements sess->ksmbd_chann_list as xarray
Namjae Jeon (2):
  ksmbd: limit pdu length size according to connection status
  ksmbd: fix racy issue from session setup and logoff
fs/ksmbd/connection.c        |  27 +++++++---
 fs/ksmbd/connection.h        |  39 ++++++++------
 fs/ksmbd/mgmt/user_session.c |  62 +++++++++------------
 fs/ksmbd/mgmt/user_session.h |   4 +-
 fs/ksmbd/server.c            |   3 +-
 fs/ksmbd/smb2pdu.c           | 101 +++++++++++++++++------------------
 fs/ksmbd/smb2pdu.h           |   5 +-
 fs/ksmbd/transport_tcp.c     |   2 +-
 8 files changed, 123 insertions(+), 120 deletions(-)
-- 
2.34.3

2024

2023

2022

2021

2020

2019

[PATCH OLK-5.10 0/4] fix three CVEs by backport mainline patchs