In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
If client send smb2 negotiate request and then send smb1 negotiate
request, init_smb2_rsp_hdr is called for smb1 negotiate request since
need_neg is set to false. This patch ignore smb1 packets after ->need_neg
is set to false.
References
Configurations
Configuration 1 (hide)
|
History
28 May 2024, 20:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Mar 2024, 13:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-119 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
References | () https://git.kernel.org/stable/c/330d900620dfc9893011d725b3620cd2ee0bc2bc - Patch | |
References | () https://git.kernel.org/stable/c/536bb492d39bb6c080c92f31e8a55fe9934f452b - Patch | |
References | () https://git.kernel.org/stable/c/5c0df9d30c289d6b9d7d44e2a450de2f8e3cf40b - Patch | |
References | () https://git.kernel.org/stable/c/aa669ef229ae8dd779da9caa24e254964545895f - Patch | |
First Time |
Linux linux Kernel
Linux |
21 Feb 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-21 08:15
Updated : 2024-05-28 20:16
NVD link : CVE-2023-52441
Mitre link : CVE-2023-52441
CVE.ORG link : CVE-2023-52441
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer