Debian Patches
Status for libsmb2/6.2+dfsg-3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 10-Fix-compiler-warning.patch | [PATCH] Fix compiler warning about "cast increases required alignment" Some ISA, like ARMv6, do not support unaligned memory accesses. The cast here technically convert a the pointer target from a char to another pointer. However, as the buf field (char) is laid out after a pointer in the structure definition, the alignment for buf is forced to the same alignment as a pointer. Thus the issue with unaligned access can not happen and the workaround by re-casting the pointer via void * is safe. |
Ronnie Sahlberg <ronniesahlberg@gmail.com> | yes | upstream | upstream, https://github.com/sahlberg/libsmb2/commit/66b098787213cda14d8fbf6e346517df2bb1fe7e | 2024-04-03 |
| 20-Handle-a-bunch-of-other-compiler-warnings.patch | [PATCH] Handle a bunch of other compiler warnings on armv6 and similararchectures that can not handle unaligned accesses and where pointer conversions cause compiler warnings when converting a pointer to a larger type. |
Ronnie Sahlberg <ronniesahlberg@gmail.com> | yes | upstream | upstream, https://github.com/sahlberg/libsmb2/commit/55555e27e3e9d84503ff276ed7a1fb08c2c35019 | 2024-04-03 |
| CVE-2025-57632-pt1.patch | [PATCH 1/4] [Security]: fix OOB write in smb2_add_iovector via chained PDUs Root cause: missing bounds check for v->niov against SMB2_MAX_VECTORS (256). |
ZjW1nd <zj_w1nd@qq.com> | no | debian | upstream, https://github.com/sahlberg/libsmb2/commit/5e75eebf922b338cdb548d60cffb3b997d2a12e8 | 2025-08-18 |
| CVE-2025-57632-pt2.patch | [PATCH 2/4] [Security]: fix NULL deref on alloc failure in dcerpc_bind_async Root cause: unchecked smb2_alloc_data results for p_cont_elem and transfer_syntaxes could be NULL. Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Update hunks' offsets. |
ZjW1nd <zj_w1nd@qq.com> | no | debian | upstream, https://github.com/sahlberg/libsmb2/commit/70754b01fb272604e90f8b886ec4ff73ca6ab38f | 2025-08-18 |
| CVE-2025-57632-pt3.patch | [PATCH 3/4] [Security]: fix off-by-one OOB write in compat strdup Root cause: memcpy used len+1 while len already included the NUL terminator. Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Update hunks' offsets. |
ZjW1nd <zj_w1nd@qq.com> | no | debian | upstream, https://github.com/sahlberg/libsmb2/commit/d0801c5cdb847339b881447087216628a7a4ebe4 | 2025-08-18 |
| CVE-2025-57632-pt4.patch | [PATCH 4/4] [Security]: Enforce NULL-checks for smb2_add_iovector. This is a better fix for the previous 2 commit. And I also add malloc return value check in smb2_read_data to prevent Null deref. Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Change hunk to reflect new code indentation. |
ZjW1nd <zj_w1nd@qq.com> | no | debian | upstream, https://github.com/sahlberg/libsmb2/commit/883e787426df52dd19206234d7278d46ac997668 | 2025-08-18 |
All known versions for source package 'libsmb2'
- 6.2+dfsg-3 (sid)
- 6.2+dfsg-2 (trixie, forky)