{"id":"CVE-2024-26828","summary":"cifs: fix underflow in parse_server_interfaces()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need.  However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t.  That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.","modified":"2026-04-02T10:06:06.820228Z","published":"2024-04-17T09:43:52.995Z","related":["ALSA-2024:5363","SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2326-1","SUSE-SU-2024:2335-1","SUSE-SU-2024:2337-1","SUSE-SU-2024:2338-1","SUSE-SU-2024:2341-1","SUSE-SU-2024:2342-1","SUSE-SU-2024:2343-1","SUSE-SU-2024:2344-1","SUSE-SU-2024:2351-1","SUSE-SU-2024:2357-1","SUSE-SU-2024:2358-1","SUSE-SU-2024:2368-1","SUSE-SU-2024:2369-1","SUSE-SU-2024:2373-1","SUSE-SU-2024:2382-1","SUSE-SU-2024:2396-1","SUSE-SU-2024:2407-1","SUSE-SU-2024:2410-1","SUSE-SU-2024:2437-1","SUSE-SU-2024:2446-1","SUSE-SU-2024:2447-1","SUSE-SU-2024:2448-1","SUSE-SU-2024:2449-1","SUSE-SU-2024:2472-1","SUSE-SU-2024:2473-1","SUSE-SU-2024:2474-1","SUSE-SU-2024:2480-1","SUSE-SU-2024:2487-1","SUSE-SU-2024:2488-1","SUSE-SU-2024:2530-1","SUSE-SU-2024:2549-1","SUSE-SU-2024:2558-1","SUSE-SU-2024:2559-1","SUSE-SU-2024:2722-1","SUSE-SU-2024:2723-1","SUSE-SU-2024:2725-1","SUSE-SU-2024:2726-1","SUSE-SU-2024:2740-1","SUSE-SU-2024:2751-1","SUSE-SU-2024:2755-1","SUSE-SU-2024:2758-1","SUSE-SU-2024:2759-1","SUSE-SU-2024:2773-1","SUSE-SU-2024:2792-1","SUSE-SU-2024:2821-1","SUSE-SU-2024:2822-1","SUSE-SU-2024:2824-1","SUSE-SU-2024:2825-1","SUSE-SU-2024:2840-1","SUSE-SU-2024:2841-1","SUSE-SU-2024:2843-1","SUSE-SU-2024:2850-1","SUSE-SU-2024:2851-1","SUSE-SU-2024:2852-1","SUSE-SU-2024:3015-1","SUSE-SU-2024:3034-1","SUSE-SU-2024:3037-1","SUSE-SU-2024:3039-1","SUSE-SU-2024:3043-1","SUSE-SU-2024:3044-1","SUSE-SU-2024:3048-1","SUSE-SU-2024:3318-1","SUSE-SU-2024:3320-1","SUSE-SU-2024:3334-1","SUSE-SU-2024:3336-1","SUSE-SU-2024:3347-1","SUSE-SU-2024:3348-1","SUSE-SU-2024:3349-1","SUSE-SU-2024:3363-1","SUSE-SU-2024:3368-1","SUSE-SU-2024:3375-1","SUSE-SU-2024:3379-1","SUSE-SU-2024:3399-1","SUSE-SU-2024:3623-1","SUSE-SU-2024:3625-1","SUSE-SU-2024:3631-1","SUSE-SU-2024:3632-1","SUSE-SU-2024:3639-1","SUSE-SU-2024:3642-1","SUSE-SU-2024:3649-1","SUSE-SU-2024:3651-1","SUSE-SU-2024:3652-1","SUSE-SU-2024:3662-1","SUSE-SU-2024:3663-1","SUSE-SU-2024:3679-1","SUSE-SU-2024:3685-1","SUSE-SU-2024:3694-1","SUSE-SU-2024:3695-1","SUSE-SU-2024:3696-1","SUSE-SU-2024:3697-1","SUSE-SU-2024:3700-1","SUSE-SU-2024:3701-1","SUSE-SU-2024:3710-1","SUSE-SU-2024:3793-1","SUSE-SU-2024:3796-1","SUSE-SU-2024:3798-1","SUSE-SU-2024:3803-1","SUSE-SU-2024:3806-1","SUSE-SU-2024:3814-1","SUSE-SU-2024:3815-1","SUSE-SU-2024:3820-1","SUSE-SU-2024:3821-1","SUSE-SU-2024:3829-1","SUSE-SU-2024:3830-1","SUSE-SU-2024:3831-1","SUSE-SU-2024:3837-1","SUSE-SU-2024:3842-1","SUSE-SU-2024:3849-1","SUSE-SU-2024:3851-1","SUSE-SU-2024:3852-1","SUSE-SU-2024:3854-1","SUSE-SU-2024:3855-1","SUSE-SU-2024:3857-1","SUSE-SU-2024:3860-1","SUSE-SU-2024:4122-1","SUSE-SU-2024:4123-1","SUSE-SU-2024:4124-1","SUSE-SU-2024:4125-1","SUSE-SU-2024:4180-1","SUSE-SU-2024:4207-1","SUSE-SU-2024:4214-1","SUSE-SU-2024:4216-1","SUSE-SU-2024:4218-1","SUSE-SU-2024:4226-1","SUSE-SU-2024:4234-1","SUSE-SU-2024:4235-1","SUSE-SU-2024:4236-1","SUSE-SU-2024:4242-1","SUSE-SU-2024:4243-1","SUSE-SU-2024:4249-1","SUSE-SU-2024:4250-1","SUSE-SU-2024:4256-1","SUSE-SU-2024:4263-1","SUSE-SU-2024:4264-1","SUSE-SU-2024:4266-1","SUSE-SU-2025:0091-1","SUSE-SU-2025:0101-1","SUSE-SU-2025:0103-1","SUSE-SU-2025:0106-1","SUSE-SU-2025:0107-1","SUSE-SU-2025:0109-1","SUSE-SU-2025:0114-1","SUSE-SU-2025:0115-1","SUSE-SU-2025:0124-1","SUSE-SU-2025:0137-1","SUSE-SU-2025:0146-1","SUSE-SU-2025:0150-1","SUSE-SU-2025:0158-1","SUSE-SU-2025:0164-1","SUSE-SU-2025:0238-1","SUSE-SU-2025:0240-1","SUSE-SU-2025:0244-1","SUSE-SU-2025:0248-1","SUSE-SU-2025:0251-1","SUSE-SU-2025:0252-1","SUSE-SU-2025:0253-1","SUSE-SU-2025:0254-1","SUSE-SU-2025:0261-1","SUSE-SU-2025:0264-1","SUSE-SU-2025:0266-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26828.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7190353835b4a219abb70f90b06cdcae97f11512"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cffe487026be13eaf37ea28b783d9638ab147204"},{"type":"WEB","url":"https://git.kernel.org/stable/c/df2af9fdbc4ddde18a3371c4ca1a86596e8be301"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f7ff1c89fb6e9610d2b01c1821727729e6609308"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26828.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26828"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fe856be475f7cf5ffcde57341d175ce9fd09434b"},{"fixed":"7190353835b4a219abb70f90b06cdcae97f11512"},{"fixed":"f7ff1c89fb6e9610d2b01c1821727729e6609308"},{"fixed":"df2af9fdbc4ddde18a3371c4ca1a86596e8be301"},{"fixed":"cffe487026be13eaf37ea28b783d9638ab147204"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26828.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"}]}