Linux Kernel CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability.

This case affected cifs.ko, the Linux CIFS file system module. The client side of CIFS didn't validate the `NextCommand` field, which is controlled from the server side. This leads to DoS (due to an OOB read on the memcpy source buffer) and a wild copy (due to an integer underflow on the memcpy length). Both results are caused by `NextCommand` being used without validation, which is why they were merged into the same case.

Reference: https://www.spinics.net/lists/stable-commits/msg328851.html
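The missing check, shown in a userspace model (an added example, not the kernel's code or the upstream patch). The header size, the `NextCommand` offset and its 8-byte alignment follow MS-SMB2; the helper names, the 192-byte buffer and the "copy the rest of the buffer" step are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_SIZE     64u  /* SMB2 header size (MS-SMB2) */
#define NEXT_CMD_OFF 20u  /* offset of NextCommand in that header */

/* Hypothetical helper: copy the chained message that follows the first one
 * in buf[0..len) into out. Returns bytes copied, 0 if nothing is chained,
 * -1 if the server-supplied NextCommand is rejected. */
long copy_next_message(const uint8_t *buf, size_t len, uint8_t *out, size_t cap)
{
    if (len < HDR_SIZE)
        return -1;
    const uint8_t *p = buf + NEXT_CMD_OFF;          /* little-endian u32 */
    uint32_t next = p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
    if (next == 0)
        return 0;                                   /* last message in chain */
    if (next < HDR_SIZE || (next & 7u))
        return -1;                                  /* overlaps header / unaligned */
    if (next > len || len - next < HDR_SIZE)
        return -1;                                  /* source would be out of bounds */
    size_t remaining = len - next;                  /* safe: next <= len */
    if (remaining > cap)
        return -1;
    memcpy(out, buf + next, remaining);
    return (long)remaining;
}

/* The length an unvalidated copy would use: size_t subtraction wraps. */
size_t unchecked_length(size_t len, uint32_t next) { return len - next; }

/* Constructed input: 192 zero bytes with only NextCommand set. */
long demo(uint32_t next)
{
    uint8_t buf[192] = {0}, out[192];
    for (int i = 0; i < 4; i++)
        buf[NEXT_CMD_OFF + i] = (uint8_t)(next >> (8 * i));
    return copy_next_message(buf, sizeof buf, out, sizeof out);
}

int main(void)
{
    printf("next=128 -> %ld\n", demo(128));
    printf("next=4096 -> %ld (unchecked length %zu)\n",
           demo(4096), unchecked_length(192, 4096));
    return 0;
}
```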
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:1188 https://access.redhat.com/errata/RHSA-2024:1188
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:1404 https://access.redhat.com/errata/RHSA-2024:1404
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:1533 https://access.redhat.com/errata/RHSA-2024:1533
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:1532 https://access.redhat.com/errata/RHSA-2024:1532
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1607 https://access.redhat.com/errata/RHSA-2024:1607
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1614 https://access.redhat.com/errata/RHSA-2024:1614
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2394