CVE-2023-52479

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix uaf in smb20_oplock_break_ack

drop reference after use opinfo.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 694e13732e830cbbfedb562e57f28644927c33fdaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 8226ffc759ea59f10067b9acdf7f94bae1c69930affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < d5b0e9d3563e7e314a850e81f42b2ef6f39882f9affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < c69813471a1ec081a0b9bf0c6bd7e8afd818afceaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.135 <= 5.15.*unaffected
LinuxLinux6.1.57 <= 6.1.*unaffected
LinuxLinux6.5.7 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References