CVE-2023-52441
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 5c0df9d30c289d6b9d7d44e2a450de2f8e3cf40b | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 330d900620dfc9893011d725b3620cd2ee0bc2bc | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < aa669ef229ae8dd779da9caa24e254964545895f | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 536bb492d39bb6c080c92f31e8a55fe9934f452b | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.15.145 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.53 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.16 <= 6.4.* | unaffected |
| Linux | Linux | 6.5 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/5c0df9d30c289d6b9d7d44e2a450de2f8e3cf40b
- https://git.kernel.org/stable/c/330d900620dfc9893011d725b3620cd2ee0bc2bc
- https://git.kernel.org/stable/c/aa669ef229ae8dd779da9caa24e254964545895f
- https://git.kernel.org/stable/c/536bb492d39bb6c080c92f31e8a55fe9934f452b
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5c0df9d30c289d6b9d7d44e2a450de2f8e3cf40b
- https://git.kernel.org/stable/c/330d900620dfc9893011d725b3620cd2ee0bc2bc
- https://git.kernel.org/stable/c/aa669ef229ae8dd779da9caa24e254964545895f
- https://git.kernel.org/stable/c/536bb492d39bb6c080c92f31e8a55fe9934f452b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.